Memory Safety Issue in Firefox by Mozilla
CVE-2026-12305

7.5HIGH

Key Information:

Vendor

Mozilla

Vendor
CVE Published:
16 June 2026

What is CVE-2026-12305?

A memory safety issue has been identified and addressed in multiple versions of Mozilla's Firefox browser. This vulnerability could potentially lead to program crashes or unintended information disclosure. The issue has been rectified in Firefox version 152 and Firefox ESR version 140.12, ensuring that user data remains secure and protected from possible exploitation. For users, the update is pivotal to maintaining the integrity and confidentiality of their online activities. Users are strongly encouraged to upgrade to the latest versions to safeguard against potential threats.

Affected Version(s)

Firefox 140.12

Firefox 152

Thunderbird 140.12

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Zijie Zhao
.