Vulnerabilities in mozilla
1,863 resultsCVE-2026-6765MEDIUMInformation disclosure in the Form Autofill componentEPSS 0.2%CVE-2022-3155HIGHWhen saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the recEPSS 0.2%CVE-2025-6430MEDIUMContent-Disposition header ignored when a file is included in an embed or object tagEPSS 0.2%CVE-2025-27425MEDIUMQR code user confirmation bypass with invalid protocolEPSS 0.2%CVE-2025-11716MEDIUMSandboxed iframes allowed links to open in external apps (Android only)EPSS 0.2%CVE-2025-6703LOWtransport/fc.rs: panic attempting to send MAX_DATA with value larger max varintEPSS 0.2%CVE-2025-11711MEDIUMSome non-writable Object properties could be modifiedEPSS 0.2%CVE-2026-12319MEDIUMDenial-of-service in the Audio/Video: Playback componentEPSS 0.2%CVE-2025-6431MEDIUMThe prompt in Firefox for Android that asks before opening a link in an external application could be bypassedEPSS 0.2%CVE-2025-54144MEDIUMInternal Firefox open-text URL scheme allowed loading of arbitrary URLsEPSS 0.2%CVE-2026-12324HIGHIncorrect boundary conditions in the Graphics: CanvasWebGL componentEPSS 0.2%CVE-2019-11736—The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the repEPSS 0.2%CVE-2025-8364MEDIUMAddress bar spoofing using an blob URI on Firefox for AndroidEPSS 0.2%CVE-2025-14861HIGHMemory safety bugs fixed in Firefox 146.0.1EPSS 0.2%CVE-2026-6775MEDIUMIncorrect boundary conditions in the WebRTC componentEPSS 0.2%CVE-2024-11703MEDIUMOn Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerabilitEPSS 0.2%CVE-2026-6779MEDIUMOther issue in the JavaScript Engine componentEPSS 0.2%CVE-2025-55028MEDIUMJavaScript alerts could impede UI interaction or allow denial of service attacksEPSS 0.2%CVE-2025-13012HIGHRace condition in the Graphics componentEPSS 0.2%CVE-2026-8971MEDIUMSame-origin policy bypass in the Networking: JAR componentEPSS 0.2%