CVE-2026-8945— Mozilla Firefox和Mozilla Firefox Focus for Android 安全漏洞
Possible ATT&CK Techniques 1AI
T1210 · Exploitation of Remote Services新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-8945の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Sandbox escape in Firefox and Firefox Focus for Android
ソース: NVD (National Vulnerability Database)
脆弱性説明
Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Mozilla Firefox和Mozilla Firefox Focus for Android 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Mozilla Firefox和Mozilla Firefox Focus for Android都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox Focus for Android是一款专为Android设备设计的隐私浏览器。 Mozilla Firefox和Mozilla Firefox Focus for Android 151.0之前版本存在安全漏洞,该漏洞源于沙箱逃逸。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2026-8945の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-8945のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-8945 厂商安全公告 (1)
Same Patch Batch · Mozilla · 2026-05-19 · 32 CVEs total
| CVE-2026-8961 | Spoofing issue in the Form Autofill component | |
| CVE-2026-8706 | Sensitive user data could be leaked to other applications through Reader mode | |
| CVE-2026-8975 | Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151 | |
| CVE-2026-8974 | Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151 | |
| CVE-2026-8973 | Memory safety bugs fixed in Firefox 151 | |
| CVE-2026-8972 | Privilege escalation in the WebRTC: Audio/Video component | |
| CVE-2026-8971 | Same-origin policy bypass in the Networking: JAR component | |
| CVE-2026-8970 | Privilege escalation in the Security component | |
| CVE-2026-8969 | Mitigation bypass in the DOM: Security component | |
| CVE-2026-8968 | Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component | |
| CVE-2026-8967 | Information disclosure in the Graphics: WebGPU component | |
| CVE-2026-8966 | Information disclosure in the IP Protection component | |
| CVE-2026-8965 | Information disclosure in the DOM: Security component | |
| CVE-2026-8964 | Spoofing issue in the Popup Blocker component | |
| CVE-2026-8963 | Spoofing issue in the Web Speech component | |
| CVE-2026-8962 | Mitigation bypass in the DOM: Security component | |
| CVE-2026-8946 | Incorrect boundary conditions in the Audio/Video: Web Codecs component | |
| CVE-2026-8960 | Spoofing issue in WebExtensions | |
| CVE-2026-8959 | Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component | |
| CVE-2026-8958 | Information disclosure, sandbox escape in the Security: Process Sandboxing component |
Showing 20 of 32 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Firefox
- CVE-2026-12330
Incorrect boundary conditions in the Internationalization co - CVE-2026-12329
Memory safety bug fixed in Thunderbird ESR 140.12 - CVE-2026-12328
Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR - CVE-2026-12327
Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird - CVE-2026-12326
Memory safety bugs fixed in Firefox 152 and Thunderbird 152
同じベンダー: Mozilla
- CVE-2026-53900
Cookie injection was possible when opening a PDF link - CVE-2026-53899
Cross-origin cookies could be leaked when opening a PDF link - CVE-2026-12330
Incorrect boundary conditions in the Internationalization co - CVE-2026-12329
Memory safety bug fixed in Thunderbird ESR 140.12 - CVE-2026-12328
Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR
V. CVE-2026-8945へのコメント
まだコメントはありません