Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

slackware SSA:2026-168-03: [slackware-security] mozilla-firefox (SSA:2026-168-03)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:27717 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: thunderbird: Sandbox escape in the DOM: Workers component (CVE-2026-12294)

    * firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing     component (CVE-2026-12313)

    * firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing     component (CVE-2026-12311)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12290)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox     152 and Thunderbird 152 (CVE-2026-12327)

    * firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component (CVE-2026-12299)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12329)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12312)

    * firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12302)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird     ESR 140.12, Firefox 152 and Thunderbird 152 (CVE-2026-12328)

    * firefox: thunderbird: Incorrect boundary conditions in the Internationalization component     (CVE-2026-12330)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12314)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12309)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12310)

    * firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component (CVE-2026-12325)

    * firefox: thunderbird: Sandbox escape in the DOM: Navigation component (CVE-2026-12295)

    * firefox: thunderbird: Privilege escalation in the Graphics: WebRender component (CVE-2026-12289)

    * firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12315)

    * firefox: thunderbird: Sandbox escape in the Security: Process Sandboxing component (CVE-2026-12296)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12306)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12307)

    * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component     (CVE-2026-12297)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12305)

    * firefox: thunderbird: Incorrect boundary conditions in the Web Audio component (CVE-2026-12292)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12308)

    * firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component     (CVE-2026-12324)

    * firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component (CVE-2026-12304)

    * firefox: thunderbird: Use-after-free in the Networking: HTTP component (CVE-2026-12291)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12 (CVE-2026-12298)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:27733 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: thunderbird: Sandbox escape in the DOM: Workers component (CVE-2026-12294)

    * firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing     component (CVE-2026-12313)

    * firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing     component (CVE-2026-12311)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12290)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox     152 and Thunderbird 152 (CVE-2026-12327)

    * firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component (CVE-2026-12299)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12329)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12312)

    * firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12302)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird     ESR 140.12, Firefox 152 and Thunderbird 152 (CVE-2026-12328)

    * firefox: thunderbird: Incorrect boundary conditions in the Internationalization component     (CVE-2026-12330)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12314)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12309)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12310)

    * firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component (CVE-2026-12325)

    * firefox: thunderbird: Sandbox escape in the DOM: Navigation component (CVE-2026-12295)

    * firefox: thunderbird: Privilege escalation in the Graphics: WebRender component (CVE-2026-12289)

    * firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12315)

    * firefox: thunderbird: Sandbox escape in the Security: Process Sandboxing component (CVE-2026-12296)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12306)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12307)

    * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component     (CVE-2026-12297)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12305)

    * firefox: thunderbird: Incorrect boundary conditions in the Web Audio component (CVE-2026-12292)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12308)

    * firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component     (CVE-2026-12324)

    * firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component (CVE-2026-12304)

    * firefox: thunderbird: Use-after-free in the Networking: HTTP component (CVE-2026-12291)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12 (CVE-2026-12298)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27734 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: thunderbird: Sandbox escape in the DOM: Workers component (CVE-2026-12294)

    * firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing     component (CVE-2026-12313)

    * firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing     component (CVE-2026-12311)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12290)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox     152 and Thunderbird 152 (CVE-2026-12327)

    * firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component (CVE-2026-12299)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12329)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12312)

    * firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12302)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird     ESR 140.12, Firefox 152 and Thunderbird 152 (CVE-2026-12328)

    * firefox: thunderbird: Incorrect boundary conditions in the Internationalization component     (CVE-2026-12330)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12314)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12309)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12310)

    * firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component (CVE-2026-12325)

    * firefox: thunderbird: Sandbox escape in the DOM: Navigation component (CVE-2026-12295)

    * firefox: thunderbird: Privilege escalation in the Graphics: WebRender component (CVE-2026-12289)

    * firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12315)

    * firefox: thunderbird: Sandbox escape in the Security: Process Sandboxing component (CVE-2026-12296)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12306)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12307)

    * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component     (CVE-2026-12297)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12305)

    * firefox: thunderbird: Incorrect boundary conditions in the Web Audio component (CVE-2026-12292)

    * firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12308)

    * firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component     (CVE-2026-12324)

    * firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component (CVE-2026-12304)

    * firefox: thunderbird: Use-after-free in the Networking: HTTP component (CVE-2026-12291)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12 (CVE-2026-12298)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4636 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-4636-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/               Emilio Pozuelo Monfort     June 19, 2026                                 https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : thunderbird     Version        : 1:140.12.0esr-1~deb11u1 1:140.12.0esr-1~deb12u1     CVE ID         : CVE-2026-12289 CVE-2026-12290 CVE-2026-12291 CVE-2026-12292                      CVE-2026-12294 CVE-2026-12295 CVE-2026-12296 CVE-2026-12297                      CVE-2026-12298 CVE-2026-12299 CVE-2026-12302 CVE-2026-12304                      CVE-2026-12305 CVE-2026-12306 CVE-2026-12307 CVE-2026-12308                      CVE-2026-12309 CVE-2026-12310 CVE-2026-12311 CVE-2026-12312                      CVE-2026-12313 CVE-2026-12314 CVE-2026-12315 CVE-2026-12324                      CVE-2026-12325 CVE-2026-12327 CVE-2026-12328 CVE-2026-12329                      CVE-2026-12330

    Multiple security issues were discovered in Thunderbird, which could     result in the execution of arbitrary code.

    For Debian 11 bullseye, these problems have been fixed in version     1:140.12.0esr-1~deb11u1.

    For Debian 12 bookworm, these problems have been fixed in version     1:140.12.0esr-1~deb12u1.

    We recommend that you upgrade your thunderbird packages.

    For the detailed security status of thunderbird please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/thunderbird

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4635 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-4635-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/               Emilio Pozuelo Monfort     June 19, 2026                                 https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : firefox-esr     Version        : 140.12.0esr-1~deb11u1 140.12.0esr-1~deb12u1     CVE ID         : CVE-2026-12289 CVE-2026-12290 CVE-2026-12291 CVE-2026-12292                      CVE-2026-12294 CVE-2026-12295 CVE-2026-12296 CVE-2026-12297                      CVE-2026-12298 CVE-2026-12299 CVE-2026-12302 CVE-2026-12304                      CVE-2026-12305 CVE-2026-12306 CVE-2026-12307 CVE-2026-12308                      CVE-2026-12309 CVE-2026-12310 CVE-2026-12311 CVE-2026-12312                      CVE-2026-12313 CVE-2026-12314 CVE-2026-12315 CVE-2026-12324                      CVE-2026-12325 CVE-2026-12327 CVE-2026-12328 CVE-2026-12329                      CVE-2026-12330

    Multiple security issues have been found in the Mozilla Firefox web     browser, which could potentially result in the execution of arbitrary     code, bypass of the same-origin policy, privilege escalation,     information disclosure, spoofing or sandbox escape.

    For Debian 11 bullseye, these problems have been fixed in version     140.12.0esr-1~deb11u1.

    For Debian 12 bookworm, these problems have been fixed in version     140.12.0esr-1~deb12u1.

    We recommend that you upgrade your firefox-esr packages.

    For the detailed security status of firefox-esr please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/firefox-esr

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-1c873954fa advisory.

    Update NSS to 3.124.0     Update to Firefox 152.0

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of mozilla-thunderbird installed on the remote host is prior to 140.12.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-168-04 advisory.

    New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.

Tenable has extracted the preceding description block directly from the mozilla-thunderbird security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6350 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6350-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     June 17, 2026                         https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : firefox-esr     CVE ID         : CVE-2026-12289 CVE-2026-12290 CVE-2026-12291 CVE-2026-12292                      CVE-2026-12294 CVE-2026-12295 CVE-2026-12296 CVE-2026-12297                      CVE-2026-12298 CVE-2026-12299 CVE-2026-12302 CVE-2026-12304                      CVE-2026-12305 CVE-2026-12306 CVE-2026-12307 CVE-2026-12308                      CVE-2026-12309 CVE-2026-12310 CVE-2026-12311 CVE-2026-12312                      CVE-2026-12313 CVE-2026-12314 CVE-2026-12315 CVE-2026-12324                      CVE-2026-12325 CVE-2026-12327 CVE-2026-12328 CVE-2026-12329                      CVE-2026-12330

    Multiple security issues have been found in the Mozilla Firefox web     browser, which could potentially result in the execution of arbitrary     code, bypass of the same-origin policy, privilege escalation,     information disclosure, spoofing or sandbox escape.

    For the stable distribution (trixie), these problems have been fixed in     version 140.12.0esr-1~deb13u1.

    We recommend that you upgrade your firefox-esr packages.

    For the detailed security status of firefox-esr please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/firefox-esr

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5eeadd9b1b advisory.

    Update NSS to 3.124.0     Update Firefox to 152.0

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12312)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-60 advisory.

  - Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and     Thunderbird 152. (CVE-2026-12293)

  - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12289)

  - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12,     Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12290)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12292)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-61 advisory.

  - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12289)

  - Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12290)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12292)

  - Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12294)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote Windows host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-60 advisory.

  - Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and     Thunderbird 152. (CVE-2026-12293)

  - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12289)

  - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12,     Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12290)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12292)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote Windows host is prior to 140.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-61 advisory.

  - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12289)

  - Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12290)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12292)

  - Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12294)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote Windows host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-57 advisory.

  - Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and     Thunderbird 152. (CVE-2026-12293)

  - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12289)

  - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12,     Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12290)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12292)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-58 advisory.

  - Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151.
    Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of     these could have been exploited to run arbitrary code. (CVE-2026-12327)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, and Firefox ESR 115.37. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152 and     Firefox ESR 140.12. (CVE-2026-12292)

  - Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, and Firefox ESR 115.37. (CVE-2026-12295)

  - Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152     and Firefox ESR 140.12. (CVE-2026-12296)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-57 advisory.

  - Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and     Thunderbird 152. (CVE-2026-12293)

  - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12289)

  - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12,     Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12290)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152,     Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. (CVE-2026-12292)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote Windows host is prior to 140.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-58 advisory.

  - Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151.
    Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of     these could have been exploited to run arbitrary code. (CVE-2026-12327)

  - Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, and Firefox ESR 115.37. (CVE-2026-12291)

  - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152 and     Firefox ESR 140.12. (CVE-2026-12292)

  - Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR     140.12, and Firefox ESR 115.37. (CVE-2026-12295)

  - Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152     and Firefox ESR 140.12. (CVE-2026-12296)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
321909	RHEL 8 : firefox (RHSA-2026:27717)	Nessus	Red Hat Local Security Checks	critical
321902	RHEL 10 : firefox (RHSA-2026:27733)	Nessus	Red Hat Local Security Checks	critical
321898	RHEL 9 : firefox (RHSA-2026:27734)	Nessus	Red Hat Local Security Checks	critical
321759	Debian dla-4636 : thunderbird - security update	Nessus	Debian Local Security Checks	critical
321758	Debian dla-4635 : firefox-esr - security update	Nessus	Debian Local Security Checks	critical
321672	Fedora 43 : firefox / nss (2026-1c873954fa)	Nessus	Fedora Local Security Checks	critical
321545	Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2026-168-04)	Nessus	Slackware Local Security Checks	critical
321490	Debian dsa-6350 : firefox-esr - security update	Nessus	Debian Local Security Checks	critical
321470	Fedora 44 : firefox / nss (2026-5eeadd9b1b)	Nessus	Fedora Local Security Checks	critical
321282	Linux Distros Unpatched Vulnerability : CVE-2026-12312	Nessus	Misc.	high
321222	Mozilla Thunderbird < 152.0	Nessus	MacOS X Local Security Checks	critical
321221	Mozilla Thunderbird < 140.12	Nessus	MacOS X Local Security Checks	critical
321220	Mozilla Thunderbird < 152.0	Nessus	Windows	critical
321219	Mozilla Thunderbird < 140.12	Nessus	Windows	critical
321196	Mozilla Firefox < 152.0	Nessus	Windows	critical
321195	Mozilla Firefox ESR < 140.12	Nessus	MacOS X Local Security Checks	critical
321194	Mozilla Firefox < 152.0	Nessus	MacOS X Local Security Checks	critical
321193	Mozilla Firefox ESR < 140.12	Nessus	Windows	critical

Detections

Analytics

CVE-2026-12312

high

Tenable Plugins

Coming Soon

critical

critical

critical

critical

critical

critical

critical

critical

critical

high

critical

critical

critical

critical

critical

critical

critical

critical