CVE-2026-4712: Information disclosure in the Widget: Cocoa component
Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.
Other sources
Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
— MITRE
Affected Software
Event History
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2026-4684
- CVE-2026-4685
- CVE-2026-4686
- CVE-2026-4687
- CVE-2026-4688
- CVE-2026-4689
- CVE-2026-4690
- CVE-2026-4691
- CVE-2026-4692
- CVE-2026-4693
- CVE-2026-4694
- CVE-2026-4695
- CVE-2026-4696
- CVE-2026-4697
- CVE-2026-4698
- CVE-2026-4699
- CVE-2026-4700
- CVE-2026-4701
- CVE-2026-4722
- CVE-2026-4702
- CVE-2026-4723
- CVE-2026-4724
- CVE-2026-4704
- CVE-2026-4705
- CVE-2026-4706
- CVE-2026-4707
- CVE-2026-4708
- CVE-2026-4709
- CVE-2026-4710
- CVE-2026-4711
- CVE-2026-4725
- CVE-2026-4712
- CVE-2026-4713
- CVE-2026-4714
- CVE-2026-4715
- CVE-2026-4716
- CVE-2026-4717
- CVE-2026-4726
- CVE-2025-59375
- CVE-2026-4727
- CVE-2026-4728
- CVE-2026-4718
- CVE-2026-4719
- CVE-2026-4720
- CVE-2026-4729
- CVE-2026-4721
- CVE-2026-3889
- CVE-2026-4371
Frequently Asked Questions
What is the severity of CVE-2026-4712?
CVE-2026-4712 is classified as a moderate severity vulnerability due to information disclosure risks.
How do I fix CVE-2026-4712?
To fix CVE-2026-4712, update Mozilla Firefox to version 149 or higher, or Firefox ESR to version 140.9 or higher.
What software is affected by CVE-2026-4712?
CVE-2026-4712 affects Firefox versions below 149 and Firefox ESR versions below 140.9.
What type of vulnerability is CVE-2026-4712?
CVE-2026-4712 is an information disclosure vulnerability that can expose sensitive data.
Who is the vendor responsible for CVE-2026-4712?
The vendor responsible for CVE-2026-4712 is Mozilla, which develops Firefox and Firefox ESR.