CVE Catalog
CVE-2026-12309
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.24%
14th percentile — higher than 14% of all known CVEs
Summary
A memory safety bug was fixed in Firefox 152 and Thunderbird 152. This vulnerability also affects Firefox ESR 140.12 and Thunderbird 140.12.
Risk Assessment
Exploitation of this vulnerability could lead to unauthorized memory access, posing risks to user data and application integrity.
Recommendation
It is recommended to update to the latest version of Firefox or Thunderbird to mitigate this vulnerability.
Original NVD description (English source)
Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

