Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

Mozilla — Vulnerabilities & Security Advisories 1810

Browse all 1810 CVE security advisories affecting Mozilla. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Mozilla operates as a non-profit organization primarily known for developing the Firefox web browser and maintaining the Gecko rendering engine. Its software portfolio serves millions of users globally, focusing on open-source web technologies and privacy-centric browsing solutions. Historically, the codebase has been susceptible to a wide array of vulnerabilities, including remote code execution, cross-site scripting, and memory corruption issues such as buffer overflows. These flaws often stem from complex JavaScript engines and network stack implementations. While Mozilla maintains a robust security response team and regularly issues patches, the sheer volume of recorded Common Vulnerabilities and Exposures highlights the challenges inherent in maintaining large-scale, cross-platform applications. The organization continues to prioritize security audits and community-driven bug bounty programs to mitigate risks associated with its extensive feature set and widespread adoption.

Found 1277 results / 1810Clear Filters
Top products by Mozilla: Firefox Thunderbird Firefox ESR Firefox for iOS Firefox for Android Focus for iOS Thunderbird ESR nss Mozilla VPN Hubs Cloud WebThings Gateway Mozilla Bleach Focus sccache Nunjucks Convict PollBot Mozilla VPN 2.28.0 neqo rhino thin-vec common-voice Mozilla VPN 2.16.1 hawk geckodriver Mozilla VPN iOS 1.0.7 Firefox for Bugzilla Network Security Services (NSS) Network Security Services
CVE IDTitleCVSSSeverityPublished
CVE-2026-8975 Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151 — Firefox--2026-05-19
CVE-2026-8974 Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151 — Firefox--2026-05-19
CVE-2026-8973 Memory safety bugs fixed in Thunderbird 151 — Firefox--2026-05-19
CVE-2026-8972 Privilege escalation in the WebRTC: Audio/Video component — Firefox--2026-05-19
CVE-2026-8971 Same-origin policy bypass in the Networking: JAR component — Firefox--2026-05-19
CVE-2026-8970 Privilege escalation in the Security component — Firefox--2026-05-19
CVE-2026-8969 Mitigation bypass in the DOM: Security component — Firefox--2026-05-19
CVE-2026-8968 Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component — Firefox--2026-05-19
CVE-2026-8967 Information disclosure in the Graphics: WebGPU component — Firefox--2026-05-19
CVE-2026-8966 Information disclosure in the IP Protection component — Firefox--2026-05-19
CVE-2026-8965 Information disclosure in the DOM: Security component — Firefox--2026-05-19
CVE-2026-8964 Spoofing issue in the Popup Blocker component — Firefox--2026-05-19
CVE-2026-8963 Spoofing issue in the Web Speech component — Firefox--2026-05-19
CVE-2026-8962 Mitigation bypass in the DOM: Security component — Firefox--2026-05-19
CVE-2026-8961 Spoofing issue in the Form Autofill component — Firefox--2026-05-19
CVE-2026-8960 Spoofing issue in WebExtensions — Firefox--2026-05-19
CVE-2026-8959 Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component — Firefox--2026-05-19
CVE-2026-8958 Information disclosure, sandbox escape in the Security: Process Sandboxing component — Firefox--2026-05-19
CVE-2026-8957 Privilege escalation in the Enterprise Policies component — Firefox--2026-05-19
CVE-2026-8956 Integer overflow in the Networking: JAR component — Firefox--2026-05-19
CVE-2026-8955 Privilege escalation in the DOM: Workers component — Firefox--2026-05-19
CVE-2026-8954 Incorrect boundary conditions, integer overflow in the Audio/Video component — Firefox--2026-05-19
CVE-2026-8953 Sandbox escape due to use-after-free in the Disability Access APIs component — Firefox--2026-05-19
CVE-2026-8952 Privilege escalation in the Application Update component — Firefox--2026-05-19
CVE-2026-8951 Spoofing issue in the Toolbar component in Firefox for Android — Firefox--2026-05-19
CVE-2026-8950 Same-origin policy bypass in the Networking: HTTP component — Firefox--2026-05-19
CVE-2026-8949 Integer overflow in the Widget: Win32 component — Firefox--2026-05-19
CVE-2026-8948 Same-origin policy bypass in the DOM: Networking component — Firefox--2026-05-19
CVE-2026-8947 Use-after-free in the DOM: Bindings (WebIDL) component — Firefox--2026-05-19
CVE-2026-8946 Incorrect boundary conditions in the Audio/Video: Web Codecs component — Firefox--2026-05-19

This page lists every published CVE security advisory associated with Mozilla. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.