Memory Safety Bugs in Firefox and Thunderbird by Mozilla
CVE-2026-12326
8.1HIGH
What is CVE-2026-12326?
Mozilla's Firefox 151 and Thunderbird 151 contain memory safety vulnerabilities that may lead to memory corruption. While these bugs do not currently have known exploits, their presence raises concerns about potential arbitrary code execution if manipulated by an attacker. Users are encouraged to update to Firefox 152 and Thunderbird 152, where these vulnerabilities have been addressed, ensuring better security measures are in place.
Affected Version(s)
Firefox 152
Thunderbird 152
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Ashley Zebrowski, Christian Holler, Dan Baker, Jan de Mooij, Jon Coppeard, Maurice Dauer, Nicolas B. Pierron, Nika Layzell, Randell Jesup, Rob Wu, Ryan Hunt, Steve Fink, Tom Schuster, Tomoya Nakanishi, Yannis Juglaret, Serge Guelton and the Mozilla Fuzzing Team