Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Mozilla — Vulnerabilities & Security Advisories 1778

Browse all 1778 CVE security advisories affecting Mozilla. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Mozilla operates as a non-profit organization primarily known for developing the Firefox web browser and maintaining the Gecko rendering engine. Its software portfolio serves millions of users globally, focusing on open-source web technologies and privacy-centric browsing solutions. Historically, the codebase has been susceptible to a wide array of vulnerabilities, including remote code execution, cross-site scripting, and memory corruption issues such as buffer overflows. These flaws often stem from complex JavaScript engines and network stack implementations. While Mozilla maintains a robust security response team and regularly issues patches, the sheer volume of recorded Common Vulnerabilities and Exposures highlights the challenges inherent in maintaining large-scale, cross-platform applications. The organization continues to prioritize security audits and community-driven bug bounty programs to mitigate risks associated with its extensive feature set and widespread adoption.

Found 1246 results / 1778Clear Filters
Top products by Mozilla: Firefox Thunderbird Firefox ESR Firefox for iOS Firefox for Android Focus for iOS Thunderbird ESR nss Mozilla VPN Hubs Cloud WebThings Gateway Mozilla Bleach Focus sccache Nunjucks Convict PollBot Mozilla VPN 2.28.0 neqo rhino thin-vec common-voice Mozilla VPN 2.16.1 hawk geckodriver Mozilla VPN iOS 1.0.7 Firefox for Bugzilla Network Security Services (NSS) Network Security Services
CVE IDTitleCVSSSeverityPublished
CVE-2026-8401 Sandbox escape in the Profile Backup component — Firefox--2026-05-12
CVE-2026-8391 Other issue in the JavaScript Engine component — Firefox--2026-05-12
CVE-2026-8390 Use-after-free in the JavaScript: WebAssembly component — Firefox--2026-05-12
CVE-2026-8389 JIT miscompilation in the JavaScript Engine: JIT component — Firefox--2026-05-12
CVE-2026-8388 Incorrect boundary conditions in the JavaScript Engine: JIT component — Firefox--2026-05-12
CVE-2026-8094 Other issue in the WebRTC component — Firefox 6.5AIMediumAI2026-05-07
CVE-2026-8093 Memory safety bugs fixed in Thunderbird 150.0.2 — Firefox 9.8AICriticalAI2026-05-07
CVE-2026-8092 Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2 — Firefox 9.8AICriticalAI2026-05-07
CVE-2026-8091 Incorrect boundary conditions in the Audio/Video: Playback component — Firefox 6.5AIMediumAI2026-05-07
CVE-2026-8090 Use-after-free in the DOM: Networking component — Firefox 9.1AICriticalAI2026-05-07
CVE-2026-7321 Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component — Firefox 8.1AIHighAI2026-04-28
CVE-2026-7324 Memory safety bugs fixed in Thunderbird 150.0.1 — Firefox 9.8AICriticalAI2026-04-28
CVE-2026-7323 Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 — Firefox 9.8AICriticalAI2026-04-28
CVE-2026-7322 Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 — Firefox 9.8AICriticalAI2026-04-28
CVE-2026-7320 Information disclosure due to incorrect boundary conditions in the Audio/Video component — Firefox 6.5AIMediumAI2026-04-28
CVE-2026-6786 Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150 — Firefox 9.8AICriticalAI2026-04-21
CVE-2026-6785 Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150 — Firefox 9.8AICriticalAI2026-04-21
CVE-2026-6784 Memory safety bugs fixed in Firefox 150 and Thunderbird 150 — Firefox 9.8AICriticalAI2026-04-21
CVE-2026-6783 Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component — Firefox 9.8AICriticalAI2026-04-21
CVE-2026-6782 Information disclosure in the IP Protection component — Firefox 7.5AIHighAI2026-04-21
CVE-2026-6781 Denial-of-service in the Audio/Video: Playback component — Firefox 7.5AIHighAI2026-04-21
CVE-2026-6780 Denial-of-service in the Audio/Video: Playback component — Firefox 7.5AIHighAI2026-04-21
CVE-2026-6779 Other issue in the JavaScript Engine component — Firefox 7.5AIHighAI2026-04-21
CVE-2026-6778 Invalid pointer in the Audio/Video: Playback component — Firefox 6.5AIMediumAI2026-04-21
CVE-2026-6777 Other issue in the Networking: DNS component — Firefox 7.5AIHighAI2026-04-21
CVE-2026-6776 Incorrect boundary conditions in the WebRTC: Networking component — Firefox 7.5AIHighAI2026-04-21
CVE-2026-6775 Incorrect boundary conditions in the WebRTC component — Firefox 9.1AICriticalAI2026-04-21
CVE-2026-6774 Mitigation bypass in the DOM: Security component — Firefox 9.1AICriticalAI2026-04-21
CVE-2026-6772 Incorrect boundary conditions in the Libraries component in NSS — Firefox 9.1AICriticalAI2026-04-21
CVE-2026-6773 Denial-of-service due to integer overflow in the Graphics: WebGPU component — Firefox 7.5AIHighAI2026-04-21

This page lists every published CVE security advisory associated with Mozilla. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.