Information Disclosure Vulnerability in Firefox WebGPU Component
CVE-2026-12303

4.3MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 16 June 2026

What is CVE-2026-12303?

An information disclosure vulnerability exists in the WebGPU component of Firefox due to incorrect boundary conditions. This flaw could allow an attacker to gain unauthorized access to sensitive information. The issue was identified and subsequently resolved in Firefox version 152, addressing the potential risks associated with this vulnerability. For further details, refer to Mozilla's security advisories and related discussions.

Affected Version(s)

Firefox 152

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2034608

https://www.mozilla.org/security/advisories/mfsa2026-57/

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
Jun 15, 2026

Credit

Michal Andryskowski

CVE-2026-12303 Data

JSON