Mozilla CVEs & Vulnerabilities

247 CVEs affecting Mozilla products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

firefox 242thunderbird 188firefox mobile 2firefox focus 10din scanner 1
CVE-2026-2760CRITICAL

Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

24 Feb 2026
10.0
CVSS
CVE-2026-2759CRITICAL

Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

24 Feb 2026
9.8
CVSS
CVE-2026-2758CRITICAL

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

24 Feb 2026
9.8
CVSS
CVE-2026-2757CRITICAL

Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

24 Feb 2026
9.8
CVSS
CVE-2026-2634CRITICAL

Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability affects Firefox for iOS < 147.4.

24 Feb 2026
9.8
CVSS
CVE-2026-2447HIGH

Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.

16 Feb 2026
8.8
CVSS
CVE-2026-2032MEDIUM

Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.

16 Feb 2026
4.3
CVSS
← PrevPage 6 / 6Next →