RHSA-2026:27734HighCVSS 7.5

Red Hat Security Advisory: firefox security update

Published
June 22, 2026
Last Modified
June 22, 2026

🔗 CVE IDs covered (29)

CVE-2026-12325CVE-2026-12296CVE-2026-12298CVE-2026-12306CVE-2026-12314CVE-2026-12315CVE-2026-12329CVE-2026-12295CVE-2026-12304CVE-2026-12328CVE-2026-12291CVE-2026-12297CVE-2026-12299CVE-2026-12302CVE-2026-12305CVE-2026-12289CVE-2026-12294CVE-2026-12310CVE-2026-12311CVE-2026-12312CVE-2026-12307CVE-2026-12309CVE-2026-12327CVE-2026-12330CVE-2026-12313CVE-2026-12324CVE-2026-12290CVE-2026-12292CVE-2026-12308

📋 Description

CVE-2026-12289 — firefox: thunderbird: Privilege escalation in the Graphics: WebRender component CVE-2026-12290 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12291 — firefox: thunderbird: Use-after-free in the Networking: HTTP component CVE-2026-12292 — firefox: thunderbird: Incorrect boundary conditions in the Web Audio component CVE-2026-12294 — firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12295 — firefox: thunderbird: Sandbox escape in the DOM: Navigation component CVE-2026-12296 — firefox: thunderbird: Sandbox escape in the Security: Process Sandboxing component CVE-2026-12297 — firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component CVE-2026-12298 — firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12 CVE-2026-12299 — firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component CVE-2026-12302 — firefox: thunderbird: Mitigation bypass in the DOM: Security component CVE-2026-12304 — firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component CVE-2026-12305 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12306 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12307 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12308 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12309 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12310 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12311 — firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component CVE-2026-12312 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12313 — firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component CVE-2026-12314 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12315 — firefox: thunderbird: Mitigation bypass in the DOM: Security component CVE-2026-12324 — firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component CVE-2026-12325 — firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component CVE-2026-12327 — firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152 CVE-2026-12328 — firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152 CVE-2026-12329 — firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 CVE-2026-12330 — firefox: thunderbird: Incorrect boundary conditions in the Internationalization component

🔗 References (32)