Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

mozilla — Vulnerabilities & Security Advisories 1773

Browse all 1773 CVE security advisories affecting mozilla. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Mozilla operates as a non-profit organization primarily known for developing the Firefox web browser and maintaining the Gecko rendering engine. Its software portfolio serves millions of users globally, focusing on open-source web technologies and privacy-centric browsing solutions. Historically, the codebase has been susceptible to a wide array of vulnerabilities, including remote code execution, cross-site scripting, and memory corruption issues such as buffer overflows. These flaws often stem from complex JavaScript engines and network stack implementations. While Mozilla maintains a robust security response team and regularly issues patches, the sheer volume of recorded Common Vulnerabilities and Exposures highlights the challenges inherent in maintaining large-scale, cross-platform applications. The organization continues to prioritize security audits and community-driven bug bounty programs to mitigate risks associated with its extensive feature set and widespread adoption.

Found 1241 results / 1773Clear Filters
Top products by mozilla: Firefox Thunderbird Firefox ESR Firefox for iOS Firefox for Android Focus for iOS Thunderbird ESR nss Mozilla VPN Hubs Cloud WebThings Gateway Mozilla Bleach Focus sccache Nunjucks Convict PollBot Mozilla VPN 2.28.0 neqo rhino thin-vec common-voice Mozilla VPN 2.16.1 hawk geckodriver Mozilla VPN iOS 1.0.7 Firefox for Bugzilla Network Security Services (NSS) Network Security Services
CVE IDTitleCVSSSeverityPublished
CVE-2026-4718 Undefined behavior in the WebRTC: Signaling component — Firefox 5.3 -2026-03-24
CVE-2026-4728 Spoofing issue in the Privacy: Anti-Tracking component — Firefox 4.3 -2026-03-24
CVE-2026-4727 Denial-of-service in the Libraries component in NSS — Firefox 7.5 -2026-03-24
CVE-2026-4726 Denial-of-service in the XML component — Firefox 7.5 -2026-03-24
CVE-2026-4717 Privilege escalation in the Netmonitor component — Firefox 9.8 -2026-03-24
CVE-2026-4715 Uninitialized memory in the Graphics: Canvas2D component — Firefox 8.8 -2026-03-24
CVE-2026-4716 Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component — Firefox 6.5 -2026-03-24
CVE-2026-4714 Incorrect boundary conditions in the Audio/Video component — Firefox 9.1 -2026-03-24
CVE-2026-4713 Incorrect boundary conditions in the Graphics component — Firefox 9.1 -2026-03-24
CVE-2026-4725 Sandbox escape due to use-after-free in the Graphics: Canvas2D component — Firefox 10.0 -2026-03-24
CVE-2026-4712 Information disclosure in the Widget: Cocoa component — Firefox 7.5 -2026-03-24
CVE-2026-4710 Incorrect boundary conditions in the Audio/Video component — Firefox 9.1 -2026-03-24
CVE-2026-4711 Use-after-free in the Widget: Cocoa component — Firefox 9.8 -2026-03-24
CVE-2026-4709 Incorrect boundary conditions in the Audio/Video: GMP component — Firefox 8.1 -2026-03-24
CVE-2026-4707 Incorrect boundary conditions in the Graphics: Canvas2D component — Firefox 9.1 -2026-03-24
CVE-2026-4708 Incorrect boundary conditions in the Graphics component — Firefox 9.1 -2026-03-24
CVE-2026-4705 Undefined behavior in the WebRTC: Signaling component — Firefox 5.3 -2026-03-24
CVE-2026-4706 Incorrect boundary conditions in the Graphics: Canvas2D component — Firefox 9.1 -2026-03-24
CVE-2026-4724 Undefined behavior in the Audio/Video component — Firefox 9.1 -2026-03-24
CVE-2026-4704 Denial-of-service in the WebRTC: Signaling component — Firefox 6.5 -2026-03-24
CVE-2026-4723 Use-after-free in the JavaScript Engine component — Firefox 9.8 -2026-03-24
CVE-2026-4702 JIT miscompilation in the JavaScript Engine component — Firefox 9.8 -2026-03-24
CVE-2026-4701 Use-after-free in the JavaScript Engine component — Firefox 9.8 -2026-03-24
CVE-2026-4722 Privilege escalation in the IPC component — Firefox 9.8 -2026-03-24
CVE-2026-4700 Mitigation bypass in the Networking: HTTP component — Firefox 8.1 -2026-03-24
CVE-2026-4698 JIT miscompilation in the JavaScript Engine: JIT component — Firefox 8.8 -2026-03-24
CVE-2026-4699 Incorrect boundary conditions in the Layout: Text and Fonts component — Firefox 9.1 -2026-03-24
CVE-2026-4697 Incorrect boundary conditions in the Audio/Video: Web Codecs component — Firefox 8.1 -2026-03-24
CVE-2026-4696 Use-after-free in the Layout: Text and Fonts component — Firefox 9.8 -2026-03-24
CVE-2026-4694 Incorrect boundary conditions, integer overflow in the Graphics component — Firefox 8.8 -2026-03-24

This page lists every published CVE security advisory associated with mozilla. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.