Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Firefox — Vulnerabilities & Security Advisories 1324

All 1324 CVE vulnerabilities found in Firefox, with AI-generated Chinese analysis, references, and POCs.

This page serves as a comprehensive vulnerability aggregation resource for the Firefox browser product, developed by the Mozilla Foundation, focusing on security weaknesses and associated Common Weakness Enumeration (CWE) identifiers. It systematically collects data regarding known security flaws, ranging from memory corruption issues and cross-site scripting defects to privilege escalation vulnerabilities, covering historical records from the early days of the project through recent updates. By aggregating these entries, the resource enables security professionals and developers to effectively track Mozilla’s security advisories, gaining insight into the remediation timeline and severity assessments for various incidents. Users can utilize this compilation to understand the prevalence and impact of specific weakness classes within the Firefox codebase, analyzing how particular vulnerability types have evolved over time. Furthermore, the page provides a detailed history of vulnerabilities for the product, allowing researchers to identify patterns in bug discovery and patch deployment. This structured approach facilitates a deeper analysis of the browser’s security posture, supporting informed decision-making for enterprises deploying Firefox across their infrastructure. The content is designed to aid in risk assessment, compliance auditing, and defensive coding practices by offering a centralized view of past security events and their technical resolutions.

Vendor: Mozilla

CVE IDTitleCVSSSeverityPublished
CVE-2026-14241 Memory safety bugs fixed in Firefox 152.0.4 --2026-06-30
CVE-2026-12330 Incorrect boundary conditions in the Internationalization component --2026-06-16
CVE-2026-12329 Memory safety bug fixed in Thunderbird ESR 140.12 --2026-06-16
CVE-2026-12328 Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152 --2026-06-16
CVE-2026-12327 Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152 --2026-06-16
CVE-2026-12326 Memory safety bugs fixed in Firefox 152 and Thunderbird 152 --2026-06-16
CVE-2026-12325 Denial-of-service in the Graphics: ImageLib component --2026-06-16
CVE-2026-12324 Incorrect boundary conditions in the Graphics: CanvasWebGL component --2026-06-16
CVE-2026-12323 Spoofing issue in the DOM: Core & HTML component --2026-06-16
CVE-2026-12322 Clickjacking issue in the Widget: Gtk component --2026-06-16
CVE-2026-12321 JIT miscompilation in the JavaScript: WebAssembly component --2026-06-16
CVE-2026-12320 Information disclosure in the Password Manager component --2026-06-16
CVE-2026-12319 Denial-of-service in the Audio/Video: Playback component --2026-06-16
CVE-2026-12318 Incorrect boundary conditions in the Libraries component in NSS --2026-06-16
CVE-2026-12317 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12316 Mitigation bypass in the DOM: Security component --2026-06-16
CVE-2026-12315 Mitigation bypass in the DOM: Security component --2026-06-16
CVE-2026-12314 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12313 Information disclosure, sandbox escape in the Security: Process Sandboxing component --2026-06-16
CVE-2026-12312 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12311 Information disclosure, sandbox escape in the Security: Process Sandboxing component --2026-06-16
CVE-2026-12310 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12309 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12308 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12307 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12306 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12305 Memory safety bug fixed in Firefox 152 --2026-06-16
CVE-2026-12304 Same-origin policy bypass in the Networking: Cookies component --2026-06-16
CVE-2026-12303 Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component --2026-06-16
CVE-2026-12302 Mitigation bypass in the DOM: Security component --2026-06-16

All 1324 known CVE vulnerabilities affecting Firefox with full Chinese analysis, references, and POCs where available.