Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-2804

Summary
Assigner-mozilla
Assigner Org ID-f16b083a-5664-49f3-a51e-8d479e5ed7fe
Published At-24 Feb, 2026 | 13:33
Updated At-24 Feb, 2026 | 17:30
Rejected At-
Credits

Use-after-free in the JavaScript: WebAssembly component

Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mozilla
Assigner Org ID:f16b083a-5664-49f3-a51e-8d479e5ed7fe
Published At:24 Feb, 2026 | 13:33
Updated At:24 Feb, 2026 | 17:30
Rejected At:
▼CVE Numbering Authority (CNA)
Use-after-free in the JavaScript: WebAssembly component

Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Affected Products
Vendor
Mozilla CorporationMozilla
Product
Firefox
Versions
Affected
  • From unspecified before 148 (custom)
Vendor
Mozilla CorporationMozilla
Product
Thunderbird
Versions
Affected
  • From unspecified before 148 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Information to follow
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.mozilla.org/show_bug.cgi?id=2013584
N/A
https://www.mozilla.org/security/advisories/mfsa2026-13/
N/A
https://www.mozilla.org/security/advisories/mfsa2026-16/
N/A
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=2013584
Resource: N/A
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2026-13/
Resource: N/A
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2026-16/
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@mozilla.org
Published At:24 Feb, 2026 | 14:16
Updated At:24 Feb, 2026 | 21:52

Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-416Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-416
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugzilla.mozilla.org/show_bug.cgi?id=2013584security@mozilla.org
N/A
https://www.mozilla.org/security/advisories/mfsa2026-13/security@mozilla.org
N/A
https://www.mozilla.org/security/advisories/mfsa2026-16/security@mozilla.org
N/A
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=2013584
Source: security@mozilla.org
Resource: N/A
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2026-13/
Source: security@mozilla.org
Resource: N/A
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2026-16/
Source: security@mozilla.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

216Records found
CVE-2024-11696
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.04% / 13.75%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 13:33
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbirdfirefoxfirefox_esrthunderbird
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2025-1015
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-30.60% / 96.60%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 13:58
Updated-10 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdThunderbird
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2025-10531
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 7.87%
||
7 Day CHG~0.00%
Published-16 Sep, 2025 | 12:26
Updated-30 Oct, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mitigation bypass in the Web Compatibility: Tooling component

Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability affects Firefox < 143 and Thunderbird < 143.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxThunderbird
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2023-37455
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.19% / 40.84%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 13:46
Updated-07 Nov, 2024 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS < 115.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox for iOS
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2024-5698
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.40% / 60.42%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 12:40
Updated-14 Mar, 2025 | 02:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CWE ID-CWE-451
User Interface (UI) Misrepresentation of Critical Information
CVE-2024-53976
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.18% / 38.83%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 13:34
Updated-04 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS < 133.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox for iOS
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2023-25730
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.10% / 26.49%
||
7 Day CHG~0.00%
Published-02 Jun, 2023 | 00:00
Updated-10 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefox_esrthunderbirdfirefoxThunderbirdFirefoxFirefox ESR
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2025-54144
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 7.94%
||
7 Day CHG~0.00%
Published-19 Aug, 2025 | 20:52
Updated-21 Aug, 2025 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS < 141.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox for iOS
CWE ID-CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CVE-2025-5267
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.09% / 25.35%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 12:29
Updated-03 Nov, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clickjacking vulnerability could have led to leaking saved payment card details

A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefoxFirefox ESRThunderbird
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2019-11761
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.44% / 62.87%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 19:52
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-27426
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 9.69%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 13:31
Updated-03 Apr, 2025 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox for iOS < 136.

Action-Not Available
Vendor-Apple Inc.Mozilla Corporation
Product-firefoxiphone_osFirefox for iOS
CWE ID-CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CVE-2024-11695
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.13% / 32.53%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 13:33
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2022-28286
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.19% / 41.20%
||
7 Day CHG~0.00%
Published-22 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdfirefox_esrfirefoxFirefox ESRFirefoxThunderbird
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2024-10460
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.43% / 62.12%
||
7 Day CHG+0.01%
Published-29 Oct, 2024 | 12:19
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-346
Origin Validation Error
CVE-2023-6206
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.39% / 59.80%
||
7 Day CHG~0.00%
Published-21 Nov, 2023 | 14:28
Updated-13 Feb, 2025 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

Action-Not Available
Vendor-Debian GNU/LinuxMozilla Corporation
Product-firefoxthunderbirddebian_linuxfirefox_esrFirefox ESRFirefoxThunderbird
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2020-6803
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.27% / 50.57%
||
7 Day CHG~0.00%
Published-28 Feb, 2020 | 22:34
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open redirect in Mozilla WebThings Gateway

An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.

Action-Not Available
Vendor-Mozilla Corporation
Product-webthings_gatewayWebThings Gateway
CWE ID-CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CVE-2022-1197
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.24% / 46.73%
||
7 Day CHG~0.00%
Published-22 Dec, 2022 | 00:00
Updated-16 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8.

Action-Not Available
Vendor-Mozilla Corporation
Product-thunderbirdThunderbird
CWE ID-CWE-295
Improper Certificate Validation
CVE-2025-14860
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 20.77%
||
7 Day CHG~0.00%
Published-18 Dec, 2025 | 14:21
Updated-30 Dec, 2025 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the Disability Access APIs component

Use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 146.0.1.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2025-14326
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 18.51%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 13:38
Updated-11 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the Audio/Video: GMP component

Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146 and Thunderbird < 146.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxThunderbird
CWE ID-CWE-416
Use After Free
CVE-2025-14321
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 20.60%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 13:37
Updated-11 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the WebRTC: Signaling component

Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefox ESRFirefoxThunderbird
CWE ID-CWE-416
Use After Free
CVE-2021-29972
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.47% / 64.01%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 19:46
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox < 90.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2021-29970
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.74% / 72.62%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 19:46
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6819
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.1||HIGH
EPSS-0.33% / 55.37%
||
7 Day CHG~0.00%
Published-24 Apr, 2020 | 15:56
Updated-04 Nov, 2025 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbirdFirefox and Thunderbird
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2026-24869
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.1||HIGH
EPSS-0.03% / 10.29%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 15:58
Updated-30 Jan, 2026 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the Layout: Scrolling and Overflow component

Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects Firefox < 147.0.2.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2021-29985
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.41% / 60.90%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 19:12
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2020-6807
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.78% / 73.33%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 21:13
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2023-5174
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.00%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 14:13
Updated-05 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefox_esrthunderbirdwindowsfirefoxFirefox ESRThunderbirdFirefox
CWE ID-CWE-416
Use After Free
CVE-2025-13020
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.51%
||
7 Day CHG~0.00%
Published-11 Nov, 2025 | 15:47
Updated-25 Nov, 2025 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the WebRTC: Audio/Video component

Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2025-12380
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 18.34%
||
7 Day CHG~0.00%
Published-28 Oct, 2025 | 14:06
Updated-19 Dec, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in WebGPU internals triggered from a compromised child process

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox < 144.0.2.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2023-5172
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.82%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 14:13
Updated-01 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2020-26959
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.50% / 65.31%
||
7 Day CHG~0.00%
Published-09 Dec, 2020 | 00:22
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2020-26972
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 66.29%
||
7 Day CHG~0.00%
Published-07 Jan, 2021 | 13:53
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 84.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2026-2769
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-Not Assigned
Published-24 Feb, 2026 | 13:33
Updated-24 Feb, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the Storage: IndexedDB component

Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Action-Not Available
Vendor-Mozilla Corporation
Product-ThunderbirdFirefoxFirefox ESR
CWE ID-CWE-416
Use After Free
CVE-2026-2798
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-Not Assigned
Published-24 Feb, 2026 | 13:33
Updated-24 Feb, 2026 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the DOM: Core & HTML component

Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Action-Not Available
Vendor-Mozilla Corporation
Product-ThunderbirdFirefox
CWE ID-CWE-416
Use After Free
CVE-2023-5175
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 58.06%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 14:13
Updated-01 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2026-0882
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.02% / 4.18%
||
7 Day CHG-0.03%
Published-13 Jan, 2026 | 13:30
Updated-22 Jan, 2026 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the IPC component

Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefox ESRFirefoxThunderbird
CWE ID-CWE-416
Use After Free
CVE-2026-0885
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 5.11%
||
7 Day CHG-0.04%
Published-13 Jan, 2026 | 13:30
Updated-22 Jan, 2026 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in the JavaScript: GC component

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefox ESRFirefoxThunderbird
CWE ID-CWE-416
Use After Free
CVE-2025-11719
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.08% / 22.83%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 12:27
Updated-14 Nov, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free caused by the native messaging web extension API on Windows

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsthunderbirdFirefoxThunderbird
CWE ID-CWE-416
Use After Free
CVE-2025-11708
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.09% / 25.33%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 12:27
Updated-03 Nov, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use-after-free in MediaTrackGraphImpl::GetInstance()

Use-after-free in MediaTrackGraphImpl::GetInstance() This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2025-1931
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 75.74%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 13:31
Updated-03 Nov, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2017-5432
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.92% / 83.03%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/LinuxRed Hat, Inc.
Product-thunderbirdfirefoxenterprise_linuxenterprise_linux_desktopenterprise_linux_serverdebian_linuxenterprise_linux_server_eusenterprise_linux_workstationenterprise_linux_server_ausThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2017-5439
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.92% / 83.03%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/LinuxRed Hat, Inc.
Product-thunderbirdfirefoxenterprise_linuxenterprise_linux_desktopenterprise_linux_serverdebian_linuxenterprise_linux_server_eusenterprise_linux_workstationenterprise_linux_server_ausThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2017-5434
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.92% / 83.03%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/LinuxRed Hat, Inc.
Product-thunderbirdfirefoxenterprise_linux_desktopenterprise_linux_serverdebian_linuxenterprise_linux_workstationThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2025-1009
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.00% / 76.68%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 13:58
Updated-03 Nov, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2017-5376
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.80% / 82.50%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/LinuxRed Hat, Inc.
Product-thunderbirdfirefoxenterprise_linuxenterprise_linux_desktopenterprise_linux_serverdebian_linuxenterprise_linux_server_eusenterprise_linux_workstationenterprise_linux_server_ausThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2017-5031
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.76% / 72.97%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Action-Not Available
Vendor-Microsoft CorporationMozilla CorporationGoogle LLC
Product-chromewindowsFirefoxFirefox ESR
CWE ID-CWE-416
Use After Free
CVE-2025-1010
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.64% / 70.12%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 13:58
Updated-03 Nov, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2025-10527
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-7.1||HIGH
EPSS-0.05% / 15.98%
||
7 Day CHG+0.01%
Published-16 Sep, 2025 | 12:26
Updated-03 Nov, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sandbox escape due to use-after-free in the Graphics: Canvas2D component

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2025-1012
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.73% / 72.30%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 13:58
Updated-03 Nov, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race during concurrent delazification could have led to a use-after-free. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2017-5379
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-1.75% / 82.29%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found