Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12628
Total
849
Critical
3640
High
3960
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2025-10354 | UNKNOWN | — | Cross-Site Scripting (XSS) vulnerability reflected in Semantic MediaWiki. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a … | Apr 21, 2026 |
| CVE-2026-6784 | HIGH | 7.5 | Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough … | Apr 21, 2026 |
| CVE-2026-6783 | MEDIUM | 5.3 | Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6782 | HIGH | 7.5 | Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6781 | HIGH | 7.5 | Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6780 | HIGH | 7.5 | Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6779 | MEDIUM | 5.3 | Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6778 | MEDIUM | 5.3 | Invalid pointer in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6777 | MEDIUM | 5.3 | Other issue in the Networking: DNS component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6776 | HIGH | 7.8 | Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6775 | MEDIUM | 5.3 | Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6774 | MEDIUM | 5.4 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6773 | HIGH | 7.5 | Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6772 | HIGH | 7.5 | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and … | Apr 21, 2026 |
| CVE-2026-6771 | CRITICAL | 9.8 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6770 | MEDIUM | 6.5 | Other issue in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6769 | HIGH | 8.8 | Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6768 | CRITICAL | 9.8 | Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. | Apr 21, 2026 |
| CVE-2026-6767 | MEDIUM | 5.3 | Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird … | Apr 21, 2026 |
| CVE-2026-6766 | HIGH | 7.5 | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6765 | MEDIUM | 5.3 | Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6764 | MEDIUM | 6.5 | Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6763 | MEDIUM | 6.5 | Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |
| CVE-2026-6762 | UNKNOWN | — | Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and … | Apr 21, 2026 |
| CVE-2026-6761 | HIGH | 8.8 | Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | Apr 21, 2026 |