Summary

| Metric | Value |
|---|---|
| CVEs | 252 |
| Critical | 93 |
| High | 115 |
| KEV (known exploited) | 0 |
| PoC (public exploit code) | 4 |
| Unpatched Critical/High | 4 |
| Patch rate | 97.2% |
| Average EPSS | 0.0% |
Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 93 |
| HIGH | 115 |
| MEDIUM | 43 |
| LOW | 1 |
Monthly CVE Trend (chart; no data captured)
Affected Products (27)

Entries such as Open Redirect, CORS Misconfiguration, Prototype Pollution and JWT Attack are vulnerability-class tags rather than products; they are listed here alongside product names because the feed tags both the same way. Counts are CVEs carrying that tag.

| Product or tag | CVEs |
|---|---|
| Thunderbird | 42 |
| Open Redirect | 9 |
| Firefox | 5 |
| PHP | 5 |
| CORS Misconfiguration | 4 |
| Node.js | 3 |
| Python | 2 |
| Prototype Pollution | 2 |
| H300s Firmware | 1 |
| H410c Firmware | 1 |
| H410s Firmware | 1 |
| AI / ML | 1 |
| H700s Firmware | 1 |
| JWT Attack | 1 |
| Kubernetes | 1 |
| Mail Server | 1 |
| Neqo | 1 |
| Open Xchange Appsuite Frontend | 1 |
| Safari | 1 |
| H500s Firmware | 1 |
| AnythingLLM | 1 |
| Bootstrap OS | 1 |
| Chrome | 1 |
| curl | 1 |
| Debian Linux | 1 |
| Dify | 1 |
| Docker | 1 |
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-4689 | Sandbox escape in Firefox's XPCOM component caused by incorrect boundary conditions and an integer overflow, letting an attacker bypass the sandbox and potentially execute arbitrary code with elevated privileges. Affects Firefox < 149, Firefox ESR < 115.34 and Firefox ESR < 140.9. | CRITICAL | 10.0 | 0.0% | 70 | PoC |
| CVE-2026-2796 | JIT miscompilation in Firefox's WebAssembly compiler before 148: the JIT emits incorrect Wasm code, enabling type confusion. PoC available. | CRITICAL | 9.8 | 0.1% | 69 | PoC |
| CVE-2026-0889 | Service Workers in Firefox and Thunderbird below 147: remote denial of service requiring neither authentication nor user interaction, so an unauthenticated attacker can crash the application over the network. Public exploit code exists; no patch recorded as available at time of analysis. | HIGH | 7.5 | 0.0% | 58 | PoC |
| CVE-2026-2761 | Second sandbox escape in Firefox's WebRender component, an independent path from CVE-2026-2760 out of the content-process sandbox. | CRITICAL | 10.0 | 0.1% | 50 | |
| CVE-2026-2768 | Sandbox escape via the Storage: IndexedDB component in Firefox before 148 and in Thunderbird, allowing an escape from the content-process sandbox. | CRITICAL | 10.0 | 0.1% | 50 | |
| CVE-2026-2778 | Sandbox escape via the DOM Core & HTML component in Firefox before 148; the fifth sandbox escape fixed in this release. | CRITICAL | 10.0 | 0.1% | 50 | |
| CVE-2026-2760 | Sandbox escape via a boundary violation in Firefox's WebRender graphics component, allowing code execution with elevated privileges outside the content sandbox. | CRITICAL | 10.0 | 0.1% | 50 | |
| CVE-2026-2776 | Sandbox escape via the Telemetry component in Firefox before 148; the fourth sandbox escape fixed in this release. | CRITICAL | 10.0 | 0.1% | 50 | |
| CVE-2026-0881 | Sandbox escape in the Firefox Messaging System component; CVSS 10.0 with scope change. Affects Firefox < 147 and Thunderbird < 147. | CRITICAL | 10.0 | 0.0% | 50 | |
| CVE-2026-4688 | Use-after-free in Firefox's Disability Access APIs component leading to a sandbox escape and arbitrary code execution by an unauthenticated remote attacker; exploitable over the network without user interaction. Affects Firefox < 149 and Firefox ESR < 140.9; no patch recorded as available at time of analysis. | CRITICAL | 10.0 | 0.0% | 50 | |
| CVE-2026-4725 | Use-after-free in the Canvas2D graphics component letting an unauthenticated remote attacker escape the Firefox sandbox and execute arbitrary code with no user interaction; CVSS 10.0 with changed scope, so the impact extends beyond the content process. Affects Firefox < 149; no patch recorded as available at time of analysis. | CRITICAL | 10.0 | 0.0% | 50 | |
| CVE-2026-4692 | Sandbox escape in Firefox's Responsive Design Mode component that circumvents the isolation between web content and the browser's privileged context, disclosing sensitive information. Affects Firefox < 149, Firefox ESR < 115.34 and Firefox ESR < 140.9. | CRITICAL | 10.0 | 0.0% | 50 | |
| CVE-2025-14324 | JIT miscompilation in Mozilla's JavaScript engine allowing unauthenticated remote code execution with no user interaction. Affects Firefox < 146, Firefox ESR < 115.31 and < 140.6, Thunderbird < 146 and Thunderbird ESR < 140.6. EPSS 0.10% (27th percentile) predicts low exploitation probability despite the 9.8 score; no public exploit identified at time of analysis. Patches available for all affected lines (MFSA2025-92 through MFSA2025-96). | CRITICAL | 9.8 | 0.1% | 49 | |
| CVE-2025-14330 | JIT compilation flaws in Mozilla's JavaScript engine allowing unauthenticated remote attackers arbitrary code execution with high integrity and availability impact. Affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146 and Thunderbird ESR < 140.6. EPSS 0.09% (25th percentile); no public exploit and no CISA KEV entry at time of analysis. Patches available for all affected lines. | CRITICAL | 9.8 | 0.1% | 49 | |
| CVE-2025-14321 | Use-after-free in WebRTC signaling in Firefox and Thunderbird allowing unauthenticated remote code execution without user interaction. Affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146 and Thunderbird ESR < 140.6; fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146 and Thunderbird 140.6. EPSS 0.09% (25th percentile) and absence from CISA KEV suggest limited real-world exploitation; no public exploit identified at time of analysis. | CRITICAL | 9.8 | 0.1% | 49 | |
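The rows above give fix versions per branch, and the branch matters: a host on Firefox ESR 140.9 is fixed for CVE-2026-4689 even though the mainline fix is 149, while a naive "is the major below 149?" check would flag it. The script below, added here as an example and not part of the dashboard or of any Mozilla tooling, turns the version ranges stated in the table into a per-build triage that separates "fixed", "vulnerable" and "no fix version listed for this branch". The FIXES table is transcribed from the rows that state versions; the verdict labels and the build strings fed in at the bottom are constructed for the example.

```python
"""Map the fix versions from the Top Risky CVEs table onto an installed build.

Added example for this page; not the dashboard's own code and not a Mozilla tool.
FIXES is transcribed from the table rows that state version ranges; the builds
checked under __main__ are constructed inputs.
"""
from __future__ import annotations

# Per CVE and product: the mainline fix ("release") and, per ESR line, the ESR
# fix version. A missing entry means the row lists no fix for that branch,
# which is not the same as "not affected".
FIXES: dict[str, dict[str, dict]] = {
    "CVE-2026-4689": {"firefox": {"release": "149", "esr": {115: "115.34", 140: "140.9"}}},
    "CVE-2026-4688": {"firefox": {"release": "149", "esr": {140: "140.9"}}},
    "CVE-2026-4725": {"firefox": {"release": "149", "esr": {}}},
    "CVE-2026-2796": {"firefox": {"release": "148", "esr": {}}},
    "CVE-2026-0889": {"firefox": {"release": "147", "esr": {}},
                      "thunderbird": {"release": "147", "esr": {}}},
    "CVE-2025-14324": {"firefox": {"release": "146", "esr": {115: "115.31", 140: "140.6"}},
                       "thunderbird": {"release": "146", "esr": {140: "140.6"}}},
}


def parse_version(build: str) -> tuple[int, ...]:
    """'140.9.0esr' -> (140, 9, 0). Non-digit tails of a component (the 'esr'
    tag, a 'b3' beta marker) are dropped, so '149.0b3' compares as 149.0."""
    parts = []
    for component in build.lower().split("."):
        digits = ""
        for ch in component:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_below(build: str, fix: str) -> bool:
    """True when build < fix, padding with zeros so '140.9' == '140.9.0'."""
    a, b = parse_version(build), parse_version(fix)
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)) < b + (0,) * (n - len(b))


def branch(build: str) -> tuple[str, int]:
    """('esr', 140) for '140.9.0esr'; ('release', 148) for '148.0.2'."""
    kind = "esr" if build.lower().endswith("esr") else "release"
    return kind, parse_version(build)[0]


def verdict(product: str, build: str, cve: str) -> str:
    """'vulnerable', 'fixed', or 'unlisted' (row names no fix for this
    product/branch: consult the advisory rather than assuming safety)."""
    entry = FIXES[cve].get(product.lower())
    if entry is None:
        return "unlisted"
    kind, major = branch(build)
    fix = entry["release"] if kind == "release" else entry["esr"].get(major)
    if fix is None:
        return "unlisted"
    return "vulnerable" if is_below(build, fix) else "fixed"


def triage(product: str, build: str) -> dict[str, str]:
    """Verdict for every CVE in FIXES for one installed build."""
    return {cve: verdict(product, build, cve) for cve in FIXES}


if __name__ == "__main__":
    # Constructed builds: two ESR 140 hosts either side of 140.9, a mainline
    # 148 host, and a Thunderbird 146 host.
    for product, build in [("firefox", "140.8.0esr"), ("firefox", "140.9.0esr"),
                           ("firefox", "148.0"), ("thunderbird", "146.0")]:
        print(product, build, triage(product, build))
```

The "unlisted" verdict is deliberate: CVE-2026-2796 states only "before 148", so the script refuses to call an ESR 140.9 build either fixed or vulnerable for it, which is the honest answer from the data on this page.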