VYPR
Vendor

Firefox

Products
1
CVEs
8
Across products
8
Status
Private

Products

1

Recent CVEs

8
  • CVE-2026-6768CriApr 21, 2026
    risk 0.64cvss 9.8epss 0.00

    Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-8093HigMay 7, 2026
    risk 0.53cvss 8.1epss 0.00

    Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2.

  • CVE-2026-6758HigApr 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6751HigApr 21, 2026
    risk 0.47cvss 7.3epss 0.00

    Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2006-5633Oct 31, 2006
    risk 0.04cvss epss 0.07

    Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers to cause a denial of service (crash) by creating a range object using createRange, calling selectNode on a DocType node (DOCUMENT_TYPE_NODE), then calling createContextualFragment on the range, which triggers a…

  • CVE-2008-5697Dec 22, 2008
    risk 0.03cvss epss 0.02

    The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 for Firefox allows remote attackers to write arbitrary data to the clipboard via a string argument.

  • CVE-2006-1650Apr 6, 2006
    risk 0.00cvss epss 0.01

    Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. …

  • CVE-2005-2429Aug 3, 2005
    risk 0.00cvss epss 0.01

    Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office.