CVE-2026-12297

high

Description

Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

References

https://www.mozilla.org/security/advisories/mfsa2026-61/

https://www.mozilla.org/security/advisories/mfsa2026-60/

https://www.mozilla.org/security/advisories/mfsa2026-59/

https://www.mozilla.org/security/advisories/mfsa2026-58/

https://www.mozilla.org/security/advisories/mfsa2026-57/

https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-12297.json

https://bugzilla.redhat.com/show_bug.cgi?id=2489235

https://bugzilla.mozilla.org/show_bug.cgi?id=2041610

https://access.redhat.com/security/cve/CVE-2026-12297

https://access.redhat.com/errata/RHSA-2026:39706

https://access.redhat.com/errata/RHSA-2026:39428

https://access.redhat.com/errata/RHSA-2026:39142

https://access.redhat.com/errata/RHSA-2026:39141

https://access.redhat.com/errata/RHSA-2026:39011

https://access.redhat.com/errata/RHSA-2026:38753

https://access.redhat.com/errata/RHSA-2026:38751

https://access.redhat.com/errata/RHSA-2026:38750

https://access.redhat.com/errata/RHSA-2026:38506

https://access.redhat.com/errata/RHSA-2026:37391

https://access.redhat.com/errata/RHSA-2026:37210

https://access.redhat.com/errata/RHSA-2026:36103

https://access.redhat.com/errata/RHSA-2026:36102

https://access.redhat.com/errata/RHSA-2026:36101

https://access.redhat.com/errata/RHSA-2026:36100

https://access.redhat.com/errata/RHSA-2026:33445

https://access.redhat.com/errata/RHSA-2026:30846

https://access.redhat.com/errata/RHSA-2026:29940

https://access.redhat.com/errata/RHSA-2026:27734

https://access.redhat.com/errata/RHSA-2026:27733

https://access.redhat.com/errata/RHSA-2026:27717

Details

Source: Mitre, NVD

Published: 2026-06-16

Updated: 2026-07-15

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00156