Boundary Condition Flaw in Firefox Web Browser by Mozilla
CVE-2026-12330

5.4MEDIUM

Key Information:

Vendor

Mozilla

Vendor
CVE Published:
16 June 2026

What is CVE-2026-12330?

The vulnerability in the Internationalization component of Firefox stems from incorrect boundary conditions that could potentially lead to unexpected behavior or exploitation. This issue has been addressed in Firefox ESR versions 140.12 and 115.37, emphasizing the importance of updating to secure versions. Users are advised to review the update details and apply necessary patches to maintain security.

Affected Version(s)

Thunderbird 140.12

Firefox 115.37

Firefox 140.12

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mozilla Fuzzing Team
.