Mozilla Security Vulnerabilities (CVEs)
Track 365 security vulnerabilities affecting Mozilla products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability involves uninitialized memory in Firefox's Graphics: Text component, which could allow attackers to read sensitive data from memory...
Feb 24, 2026This CVE describes a use-after-free vulnerability in Firefox's DOM Core & HTML components that could allow attackers to execute arbitrary code or caus...
Feb 24, 2026A race condition vulnerability in Firefox's JavaScript garbage collector (GC) component could allow attackers to execute arbitrary code or cause denia...
Feb 24, 2026A use-after-free vulnerability in Firefox's WebAssembly JavaScript component allows attackers to execute arbitrary code by manipulating freed memory. ...
Feb 24, 2026A spoofing vulnerability in the WebAuthn component of Firefox for Android allows attackers to potentially impersonate legitimate websites during authe...
Feb 24, 2026A JIT miscompilation vulnerability in Firefox's JavaScript: WebAssembly component could allow arbitrary code execution when processing malicious web c...
Feb 24, 2026Memory safety vulnerabilities in Mozilla Firefox and Thunderbird could allow memory corruption attacks. With sufficient effort, attackers could exploi...
Feb 24, 2026A use-after-free vulnerability in Firefox's JavaScript engine allows attackers to execute arbitrary code by tricking users into visiting malicious web...
Feb 24, 2026This CVE describes a same-origin policy bypass vulnerability in Firefox's JAR (Java Archive) networking component. It allows malicious websites to acc...
Feb 24, 2026This vulnerability allows attackers to read uninitialized memory in Firefox and Firefox Focus for Android, potentially exposing sensitive information....
Feb 24, 2026This vulnerability involves incorrect boundary conditions in the GMP (Gecko Media Plugins) audio/video component of Firefox, which could allow memory ...
Feb 24, 2026This CVE describes a privilege escalation vulnerability in Firefox's Netmonitor component that allows attackers to gain elevated privileges on affecte...
Feb 24, 2026This CVE describes a privilege escalation vulnerability in Firefox's Netmonitor component. Attackers could exploit this to gain elevated privileges wi...
Feb 24, 2026This CVE describes a sandbox escape vulnerability in Firefox's Telemetry component due to incorrect boundary conditions. Attackers could potentially b...
Feb 24, 2026This CVE describes a sandbox escape vulnerability in Firefox's DOM Core & HTML component due to incorrect boundary conditions. It allows malicious web...
Feb 24, 2026This CVE describes a DOM security component mitigation bypass vulnerability in Firefox. Attackers could potentially bypass security controls to execut...
Feb 24, 2026An integer overflow vulnerability in Firefox's Audio/Video component could allow attackers to execute arbitrary code or cause denial of service. This ...
Feb 24, 2026This CVE describes a sandbox escape vulnerability in Firefox's IndexedDB storage component. Attackers could potentially break out of browser security ...
Feb 24, 2026This CVE describes a use-after-free vulnerability in Firefox's DOM Bindings (WebIDL) component that could allow an attacker to execute arbitrary code....
Feb 24, 2026A use-after-free vulnerability in Firefox's audio/video playback component allows attackers to execute arbitrary code or cause crashes. This affects F...
Feb 24, 2026A use-after-free vulnerability in Firefox's JavaScript garbage collector component allows attackers to execute arbitrary code by manipulating memory a...
Feb 24, 2026This CVE describes a sandbox escape vulnerability in Firefox's WebRender graphics component due to incorrect boundary conditions. It allows attackers ...
Feb 24, 2026An integer overflow vulnerability in Firefox's JavaScript Standard Library component could allow attackers to execute arbitrary code or cause denial o...
Feb 24, 2026This CVE describes a use-after-free vulnerability in Firefox's JavaScript JIT compiler that could allow arbitrary code execution. It affects Firefox v...
Feb 24, 2026A use-after-free vulnerability in Firefox's JavaScript JIT engine allows attackers to execute arbitrary code by tricking users into visiting malicious...
Feb 24, 2026This vulnerability in Firefox for iOS allows malicious scripts to desynchronize the address bar from actual web content before a server response arriv...
Feb 24, 2026A heap buffer overflow vulnerability in libvpx video codec library allows attackers to execute arbitrary code or cause denial of service. This affects...
Feb 16, 2026This vulnerability in Thunderbird allows attackers to exfiltrate decrypted OpenPGP email contents through CSS injection when users load remote content...
Jan 28, 2026This CVE describes a mitigation bypass vulnerability in Firefox's Privacy: Anti-Tracking component that could allow attackers to circumvent privacy pr...
Jan 27, 2026A use-after-free vulnerability in Firefox's Layout: Scrolling and Overflow component allows attackers to execute arbitrary code by tricking users into...
Jan 27, 2026This CVE describes a use-after-free vulnerability in the JavaScript garbage collection component of Mozilla products. Attackers could exploit this to ...
Jan 13, 2026A memory corruption vulnerability in Firefox and Thunderbird's graphics component due to incorrect boundary conditions. This could allow attackers to ...
Jan 13, 2026This CVE describes a clickjacking vulnerability in the PDF Viewer component of Mozilla products that could allow information disclosure. Attackers cou...
Jan 13, 2026This CVE describes an information disclosure vulnerability in the XML component of Firefox and Thunderbird. It allows attackers to potentially access ...
Jan 13, 2026A denial-of-service vulnerability in Firefox and Thunderbird's DOM Service Workers component allows attackers to crash the browser or email client. Th...
Jan 13, 2026This CVE describes a spoofing vulnerability in Firefox and Thunderbird's DOM copy-paste and drag-drop components. Attackers can manipulate clipboard o...
Jan 13, 2026This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could potenti...
Jan 13, 2026This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could potenti...
Jan 13, 2026This CVE describes a mitigation bypass vulnerability in the DOM Security component of Mozilla products. It allows attackers to circumvent security pro...
Jan 13, 2026This CVE describes a sandbox escape vulnerability in the Graphics: CanvasWebGL component due to incorrect boundary conditions. It allows attackers to ...
Jan 13, 2026This CVE describes a sandbox escape vulnerability in the Graphics component of Mozilla products due to incorrect boundary conditions. Attackers could ...
Jan 13, 2026This CVE describes an integer overflow vulnerability in the Graphics component of Mozilla products that allows sandbox escape. Attackers could exploit...
Jan 13, 2026This CVE describes a sandbox escape vulnerability in the Messaging System component of Firefox and Thunderbird. Attackers can potentially execute arbi...
Jan 13, 2026A use-after-free vulnerability in Firefox and Thunderbird's IPC component allows attackers to execute arbitrary code or cause denial of service. This ...
Jan 13, 2026This CVE describes an information disclosure vulnerability in the Networking component of Mozilla products. It allows attackers to potentially access ...
Jan 13, 2026A use-after-free vulnerability in the JavaScript Engine component allows attackers to execute arbitrary code or cause denial of service. This affects ...
Jan 13, 2026A use-after-free vulnerability in Firefox's Disability Access APIs allows attackers to execute arbitrary code by manipulating freed memory. This affec...
Dec 18, 2025CVE-2025-14861 is a memory safety vulnerability in Firefox that could allow attackers to execute arbitrary code on affected systems. The vulnerability...
Dec 18, 2025This vulnerability allows malicious websites to use Unicode Right-to-Left Override (RTLO) characters to spoof filenames in Firefox for iOS downloads U...
Dec 18, 2025A JIT (Just-In-Time) compilation vulnerability in Mozilla's JavaScript engine allows memory corruption through miscompiled code. This affects Firefox,...
Dec 9, 2025Why Monitor Mozilla Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 365+ known vulnerabilities affecting Mozilla products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Mozilla packages in under 60 seconds. No agents required - completely agentless scanning that works across Mozilla deployments.
Free vulnerability database: Access detailed information about every Mozilla CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Mozilla CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
