Shodan
Vulnerabilities
Vulnerable Software
Mozilla:  >> Firefox  >> 127.0  Security Vulnerabilities
CVE-2026-2765
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-02-24
CVE-2026-2766
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-02-24
CVE-2026-2634
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability affects Firefox for iOS < 147.4.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-02-24
CVE-2026-2757
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-02-24
CVE-2026-2032
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-02-16
CVE-2026-2447
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-02-16
CVE-2026-24868
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 147.0.2.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-01-27
CVE-2026-24869
Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects Firefox < 147.0.2.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-01-27
CVE-2026-0885
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-01-13
CVE-2026-0886
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-01-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved