Known Vulnerabilities for products from Mozilla
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Mozilla".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-24869 json | Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability was fixed in Firefox 147.0.2. | Not Provided | 2026-01-27 | 2026-04-13 |
| CVE-2026-24868 json | Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 147.0.2. | Not Provided | 2026-01-27 | 2026-04-13 |
| CVE-2026-6784 json | Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6783 json | Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firef... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6782 json | Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6781 json | Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6780 json | Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6779 json | Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6778 json | Invalid pointer in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6777 json | Other issue in the Networking: DNS component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6776 json | Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 1... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6775 json | Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6774 json | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6773 json | Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and ... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6772 json | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6771 json | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbir... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6770 json | Other issue in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6769 json | Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird ... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6768 json | Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2026-6767 json | Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 1... | Not Provided | 2026-04-21 | 2026-04-22 |
Known software with vulnerabilities from Mozilla
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Mozilla | Bleach | 0.1.2 |
| Application | Mozilla | Bonsai | - |
| Application | Mozilla | Bugzilla | - |
| Application | Mozilla | Camino | - |
| Application | Mozilla | Durian Web Application Server | - |
| Application | Mozilla | Firefox | - |
| Operating System | Mozilla | Firefoxos | 1.2 |
| Application | Mozilla | Firefox Esr | 10.0 |
| Application | Mozilla | Firefox Mobile | 1.0 |
| Operating System | Mozilla | Firefox Os | - |
| Application | Mozilla | Gecko | - |
| Application | Mozilla | Mozilla | - |
| Application | Mozilla | Mozilla Mail | - |
| Application | Mozilla | Mozilla Suite | - |
| Application | Mozilla | Mozjpeg | 0.0.90 |
| Application | Mozilla | Netscape Portable Runtime | 4.1.1 |
| Application | Mozilla | Network Security Services | - |
| Application | Mozilla | Nss | 3.1 |
| Application | Mozilla | Nunjucks | 0.1.0 |
| Application | Mozilla | Persona | 7.x-1.0 |