Total
2909 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-2770 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2768 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 10.0 CRITICAL |
| Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-24869 | 1 Mozilla | 1 Firefox | 2026-02-26 | N/A | 8.8 HIGH |
| Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects Firefox < 147.0.2. | |||||
| CVE-2026-2803 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 7.5 HIGH |
| Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | |||||
| CVE-2026-2801 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 7.5 HIGH |
| Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | |||||
| CVE-2026-2800 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148. | |||||
| CVE-2026-2794 | 1 Mozilla | 1 Firefox | 2026-02-26 | N/A | 7.5 HIGH |
| Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148. | |||||
| CVE-2026-2790 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2787 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2786 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2785 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2783 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 7.5 HIGH |
| Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2781 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2774 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2767 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2761 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 10.0 CRITICAL |
| Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2760 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 10.0 CRITICAL |
| Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2759 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2758 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||
| CVE-2026-2757 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | N/A | 9.8 CRITICAL |
| Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | |||||