CVE-2026-2806
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2006199
Tagged: Cybersecurity Alert
CVE-2026-2807
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...
CVE-2026-2796
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2013165
CVE-2026-2797
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2013561
CVE-2026-2798
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2014136
CVE-2026-2799
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2014551
CVE-2026-2800
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=1988145
CVE-2026-2801
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2009901
CVE-2026-2802
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2011069
CVE-2026-2803
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2012012
CVE-2026-2804
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2013584
CVE-2026-2795
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2010940
CVE-2026-2786
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2013612
CVE-2026-2787
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2014560