Mozilla Firefox
2587 CVEs affecting Mozilla Firefox. Latest disclosed: 2026-06-02. Critical: 46, High: 128.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2016-1931 | Critical | 10.0 | 2016-01-31 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruptio… |
| CVE-2026-8956 | Critical | 9.8 | 2026-05-19 | Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| CVE-2026-8401 | Critical | 9.8 | 2026-05-12 | Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11. |
| CVE-2026-8094 | Critical | 9.8 | 2026-05-07 | Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2. |
| CVE-2026-8091 | Critical | 9.8 | 2026-05-07 | Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thund… |
| CVE-2026-5735 | Critical | 9.8 | 2026-04-07 | Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough… |
| CVE-2026-4698 | Critical | 9.8 | 2026-03-24 | JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149… |
| CVE-2026-2786 | Critical | 9.8 | 2026-02-24 | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. |
| CVE-2007-5341 | Critical | 9.8 | 2017-08-18 | Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8. |
| CVE-2017-5461 | Critical | 9.8 | 2017-05-11 | Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attack… |
| CVE-2016-5281 | Critical | 9.8 | 2016-09-22 | Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attac… |
| CVE-2016-5280 | Critical | 9.8 | 2016-09-22 | Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before… |
| CVE-2016-5277 | Critical | 9.8 | 2016-09-22 | Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows… |
| CVE-2016-5276 | Critical | 9.8 | 2016-09-22 | Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4… |
| CVE-2016-5274 | Critical | 9.8 | 2016-09-22 | Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird <… |
| CVE-2016-5270 | Critical | 9.8 | 2016-09-22 | Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thu… |
| CVE-2016-5257 | Critical | 9.8 | 2016-09-22 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote att… |
| CVE-2016-5256 | Critical | 9.8 | 2016-09-22 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruptio… |
| CVE-2016-5254 | Critical | 9.8 | 2016-08-05 | Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to exe… |
| CVE-2016-0718 | Critical | 9.8 | 2016-05-26 | Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers… |