Description
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code.
Below is a complete list of vulnerabilities:
- Security vulnerability in the Graphics: WebRender component can be exploited to bypass security restrictions.
- Memory safety bug fixed in Firefox ESR 115
- A remote code execution vulnerability in the Networking: HTTP component can be exploited remotely to execute arbitrary code.
- Security vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
- Security vulnerability in the DOM: Navigation component can be exploited to bypass security restrictions.
- Denial of service vulnerability in the Networking component can be exploited remotely to cause denial of service.
- JIT miscompilation in the DOM: Core & HTML component
- Security vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
- Denial of service vulnerability in the Internationalization component can be exploited remotely to cause denial of service.
- Denial of service vulnerability in the Graphics: ImageLib component can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Firefox ESR 115 can be exploited remotely to execute arbitrary code.
Original advisories
Exploitation
Related products
CVE list
- CVE-2026-12289 critical
- CVE-2026-12290 critical
- CVE-2026-12291 critical
- CVE-2026-12294 critical
- CVE-2026-12295 critical
- CVE-2026-12297 critical
- CVE-2026-12299 critical
- CVE-2026-12302 high
- CVE-2026-12325 high
- CVE-2026-12328 critical
- CVE-2026-12330 high
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!