Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how mozilla compares to other vendors in security performance

View Risk Score →

Software

mozilla firefox
1384
mozilla thunderbird
1073
mozilla seamonkey
707
mozilla firefox esr
654
mozilla mozilla
103
mozilla focus
50
mozilla thunderbird esr
42
mozilla nss esr
38
mozilla mozilla suite
27
mozilla network security services
26
mozilla firefox mobile
19
mozilla firefox iphone os
14
mozilla firefox os
14
mozilla bugzilla
6
mozilla firefox focus iphone os
6
mozilla vpn
6
mozilla bleach
5
mozilla firefox android
5
mozilla firefox for ios
5
mozilla bonsai
4
mozilla camino
4
mozilla firefox and thunderbird
4
mozilla hubs cloud reticulum
4
mozilla firefox esr 115
3
mozilla firefox esr 140
3
mozilla firefox focus
3
mozilla nss
3
mozilla gecko
2
mozilla geckodriver
2
mozilla hubs cloud
2
mozilla mozilla vpn (1360) (android)
2
mozilla mozilla vpn (929) (ios)
2
mozilla mozilla vpn (linux)
2
mozilla mozilla vpn (macos)
2
mozilla mozilla vpn (windows)
2
mozilla pollbot
2
mozilla webthings gateway
2
mozilla 0din scanner
1
mozilla common voice
1
mozilla convict
1
mozilla convict node.js
1
mozilla durian web application server
1
mozilla firefox esr (115)
1
mozilla firefox esr (140)
1
mozilla firefox extensions
1
mozilla firefox focus android
1
mozilla firefox for android
1
mozilla firefoxos
1
mozilla focus for ios
1
mozilla geckb
1

oss-secOn the issue of MIME handlers that execute arbitrary code (e.g. Wine)

First published (updated )
https://seclists.org/oss-sec/2026/q2/610

Mozilla FirefoxSandbox escape in Firefox and Firefox Focus for Android

Risk 69
Severity
7.5
First published (updated )
CVE-2026-8945

Mozilla FirefoxSpoofing issue in the Toolbar component in Firefox for Android

Risk 37
Severity
6.5
First published (updated )
CVE-2026-8951

Mozilla Firefox ESR16 vulnerabilities

Risk 33
Severity
7
First published (updated )
MFSA2026-48

Same-origin policy bypass in the Networking: HTTP component

Risk 66
Severity
9.3
First published (updated )
CVE-2026-8950

Spoofing issue in the Form Autofill component

Risk 5
Severity
1
First published (updated )
CVE-2026-8961

Mitigation bypass in the DOM: Security component

Risk 5
Severity
1
First published (updated )
CVE-2026-8962

Incorrect boundary conditions in the Audio/Video: Web Codecs component

Risk 43
Severity
7.5
First published (updated )
CVE-2026-8946

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

Risk 43
Severity
7.5
First published (updated )
CVE-2026-8968

Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

Risk 80
Severity
9.6
First published (updated )
CVE-2026-8959

Privilege escalation in the Security component

Risk 51
Severity
7.3
First published (updated )
CVE-2026-8970

Use-after-free in the DOM: Bindings (WebIDL) component

Risk 51
Severity
7.3
First published (updated )
CVE-2026-8947

Incorrect boundary conditions, integer overflow in the Audio/Video component

Risk 43
Severity
7.5
First published (updated )
CVE-2026-8954

Sandbox escape due to use-after-free in the Disability Access APIs component

Risk 80
Severity
9.6
First published (updated )
CVE-2026-8953

Privilege escalation in the DOM: Workers component

Risk 40
Severity
6.5
First published (updated )
CVE-2026-8955

Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

Risk 86
Severity
9.8
First published (updated )
CVE-2026-8974

Information disclosure, sandbox escape in the Security: Process Sandboxing component

Risk 49
Severity
8.6
First published (updated )
CVE-2026-8958

Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

Risk 86
Severity
9.8
First published (updated )
CVE-2026-8975

Privilege escalation in the Enterprise Policies component

Risk 40
Severity
6.5
First published (updated )
CVE-2026-8957

Integer overflow in the Networking: JAR component

Risk 86
Severity
9.8
First published (updated )
CVE-2026-8956

Mozilla FirefoxInformation disclosure in the IP Protection component

Risk 5
Severity
1
First published (updated )
CVE-2026-8966
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Mozilla FirefoxSpoofing issue in WebExtensions

Risk 43
Severity
7.5
First published (updated )
CVE-2026-8960

Mozilla Firefox ESR4 vulnerabilities

Risk 33
Severity
7
First published (updated )
MFSA2026-47

Incorrect boundary conditions in the Audio/Video: Web Codecs component

Risk 43
Severity
7.5
First published (updated )
CVE-2026-8946

Use-after-free in the DOM: Bindings (WebIDL) component

Risk 51
Severity
7.3
First published (updated )
CVE-2026-8947

Sandbox escape due to use-after-free in the Disability Access APIs component

Risk 80
Severity
9.6
First published (updated )
CVE-2026-8953

Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

Risk 86
Severity
9.8
First published (updated )
CVE-2026-8975

Mozilla FirefoxInformation disclosure in the Graphics: WebGPU component

Risk 5
Severity
1
First published (updated )
CVE-2026-8967

Mozilla FirefoxPrivilege escalation in the Application Update component

Risk 40
Severity
6.5
First published (updated )
CVE-2026-8952

Mozilla FirefoxSame-origin policy bypass in the Networking: JAR component

Risk 40
Severity
6.5
First published (updated )
CVE-2026-8971
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Mozilla FirefoxSame-origin policy bypass in the DOM: Networking component

Risk 66
Severity
9.1
First published (updated )
CVE-2026-8948

Mozilla FirefoxInformation disclosure in the DOM: Security component

Risk 5
Severity
1
First published (updated )
CVE-2026-8965

Mozilla FirefoxMemory safety bugs fixed in Firefox 151

Risk 86
Severity
9.8
First published (updated )
CVE-2026-8973

Mozilla FirefoxPrivilege escalation in the WebRTC: Audio/Video component

Risk 40
Severity
6.5
First published (updated )
CVE-2026-8972

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203