Security Vulnerabilities
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVSS Score
8.1
EPSS Score
0.004
Published
2026-05-19
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-05-19
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-05-19
Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-05-19
Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVSS Score
9.1
EPSS Score
0.004
Published
2026-05-19
Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVSS Score
7.5
EPSS Score
0.006
Published
2026-05-19
Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVSS Score
9.3
EPSS Score
0.002
Published
2026-05-19
Spoofing issue in the Toolbar component in Firefox for Android. This vulnerability was fixed in Firefox 151.
CVSS Score
6.5
EPSS Score
0.003
Published
2026-05-19
Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVSS Score
8.8
EPSS Score
0.004
Published
2026-05-19
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVSS Score
9.6
EPSS Score
0.005
Published
2026-05-19