Search CVE reports

231 – 240 of 2489 results

Detailed view

Sort by:

CVE-2026-2785

Medium priority

Vulnerable

Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2784

Medium priority

Vulnerable

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2783

Medium priority

Vulnerable

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2782

Medium priority

Vulnerable

Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2781

Medium priority

Some fixes available 8 of 9

Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35.

3 affected packages

firefox, nss, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
nss	Fixed	Fixed	Fixed	Fixed	Fixed
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2780

Medium priority

Vulnerable

Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2779

Medium priority

Vulnerable

Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2777

Medium priority

Vulnerable

Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

CVE-2026-2776

Medium priority

Vulnerable

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
mozjs102	Not in release	Ignored	Ignored	—	—
mozjs115	Not in release	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	—	Needs evaluation
mozjs52	Not in release	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Not in release	Ignored	—	—
mozjs91	Not in release	Not in release	Ignored	—	—
thunderbird	Not affected	Not affected	Vulnerable	—	—

Export to JSON

Results by page: