Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

mozilla — Vulnerabilities & Security Advisories 1773

Browse all 1773 CVE security advisories affecting mozilla. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Mozilla operates as a non-profit organization primarily known for developing the Firefox web browser and maintaining the Gecko rendering engine. Its software portfolio serves millions of users globally, focusing on open-source web technologies and privacy-centric browsing solutions. Historically, the codebase has been susceptible to a wide array of vulnerabilities, including remote code execution, cross-site scripting, and memory corruption issues such as buffer overflows. These flaws often stem from complex JavaScript engines and network stack implementations. While Mozilla maintains a robust security response team and regularly issues patches, the sheer volume of recorded Common Vulnerabilities and Exposures highlights the challenges inherent in maintaining large-scale, cross-platform applications. The organization continues to prioritize security audits and community-driven bug bounty programs to mitigate risks associated with its extensive feature set and widespread adoption.

Found 268 results / 1773Clear Filters
Top products by mozilla: Firefox Thunderbird Firefox ESR Firefox for iOS Firefox for Android Focus for iOS Thunderbird ESR nss Mozilla VPN Hubs Cloud WebThings Gateway Mozilla Bleach Focus sccache Nunjucks Convict PollBot Mozilla VPN 2.28.0 neqo rhino thin-vec common-voice Mozilla VPN 2.16.1 hawk geckodriver Mozilla VPN iOS 1.0.7 Firefox for Bugzilla Network Security Services (NSS) Network Security Services
CVE IDTitleCVSSSeverityPublished
CVE-2026-4371 Out of bounds read in IMAP parsing — Thunderbird 8.1 -2026-03-24
CVE-2026-3889 Spoofing issue in Thunderbird — Thunderbird 4.3 -2026-03-24
CVE-2026-0818 CSS-based exfiltration of the content from partially encrypted emails when allowing remote content — Thunderbird 6.5AIMediumAI2026-01-28
CVE-2025-5986 Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links — Thunderbird 6.5AIMediumAI2025-06-11
CVE-2025-5262 Mozilla Thunderbird 安全漏洞 — Thunderbird 9.8 -2025-05-27
CVE-2025-3932 Tracking Links in Attachments Bypassed Remote Content Blocking — Thunderbird 4.3AIMediumAI2025-05-14
CVE-2025-3909 JavaScript Execution via Spoofed PDF Attachment and file:/// Link — Thunderbird 6.1AIMediumAI2025-05-14
CVE-2025-3875 Sender Spoofing via Malformed From Header in Thunderbird — Thunderbird 4.3AIMediumAI2025-05-14
CVE-2025-3523 User Interface (UI) Misrepresentation of attachment URL — Thunderbird 7.4AIHighAI2025-04-15
CVE-2025-3522 Leak of hashed Window credentials via crafted attachment URL — Thunderbird 7.1AIHighAI2025-04-15
CVE-2025-2830 Information Disclosure of /tmp directory listing — Thunderbird 4.3AIMediumAI2025-04-15
CVE-2025-26696 Crafted email message incorrectly shown as being encrypted — Thunderbird 7.5 -2025-03-10
CVE-2025-26695 Downloading of OpenPGP keys from WKD used incorrect padding — Thunderbird 5.3 -2025-03-10
CVE-2025-1015 Unsanitized address book fields — Thunderbird 6.1 -2025-02-04
CVE-2025-0510 Address of e-mail sender can be spoofed by malicious email — Thunderbird 4.3 -2025-02-04
CVE-2024-11159 Mozilla Thunderbird 安全漏洞 — Thunderbird 7.5AIHighAI2024-11-13
CVE-2024-8394 Mozilla Thunderbird 安全漏洞 — Thunderbird 7.5 -2024-09-06
CVE-2024-1936 Mozilla Thunderbird 安全漏洞 — Thunderbird 6.5AIMediumAI2024-03-04
CVE-2023-50761 Mozilla Thunderbird 安全漏洞 — Thunderbird 4.3AIMediumAI2023-12-19
CVE-2023-50762 Mozilla Thunderbird 安全漏洞 — Thunderbird 6.5AIMediumAI2023-12-19
CVE-2023-3417 File Extension Spoofing using the Text Direction Override Character — Thunderbird 6.5 -2023-07-24
CVE-2023-0547 Mozilla Thunderbird 信任管理问题漏洞 — Thunderbird 6.5 -2023-06-02
CVE-2023-25746 Mozilla Firefox ESR 缓冲区错误漏洞 — Thunderbird 8.8 -2023-06-02
CVE-2023-1945 Mozilla Firefox ESR 缓冲区错误漏洞 — Thunderbird 8.8 -2023-06-02
CVE-2023-0430 Mozilla Thunderbird 信任管理问题漏洞 — Thunderbird--2023-06-02
CVE-2023-0616 Mozilla Firefox ESR 资源管理错误漏洞 — Thunderbird 6.5 -2023-06-02
CVE-2021-43529 Mozilla Thunderbird 缓冲区错误漏洞 — Thunderbird 9.8 -2023-02-16
CVE-2022-28282 Mozilla Firefox 资源管理错误漏洞 — Thunderbird 8.1 -2022-12-22
CVE-2022-28285 Mozilla Firefox 缓冲区错误漏洞 — Thunderbird 6.5 -2022-12-22
CVE-2022-28289 Mozilla Firefox 缓冲区错误漏洞 — Thunderbird 8.8 -2022-12-22

This page lists every published CVE security advisory associated with mozilla. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.