Memory Safety Bug in Firefox Affects Mozilla Products
CVE-2026-12309

6.5MEDIUM

Key Information:

Vendor

Mozilla

Vendor
CVE Published:
16 June 2026

What is CVE-2026-12309?

A memory safety issue has been identified and resolved in Firefox, affecting versions 152 and Firefox ESR 140.12. This security flaw could allow an attacker to exploit the browser, potentially leading to unauthorized access and system instability. Users are strongly encouraged to update to the latest versions to ensure protection against these vulnerabilities.

Affected Version(s)

Firefox 140.12

Firefox 152

Thunderbird 140.12

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Yaqoub Aldurayhim
.