Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-01-22
CVE-2026-0891 - Firefox ESR Plugin
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0891
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0885 - Firefox ESR Plugin
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0885
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0890 - Firefox ESR Plugin
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0890
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0886 - Firefox ESR Plugin
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0886
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0887 - Firefox ESR Plugin
Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0887
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0884 - Firefox ESR Plugin
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0884
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0879 - Firefox ESR Plugin
Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0879
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0882 - Firefox ESR Plugin
Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0882
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0880 - Firefox ESR Plugin
Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0880
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0877 - Firefox ESR Plugin
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0877
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0878 - Firefox ESR Plugin
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0878
Risk Score
Threat Entry
Updated 2026-01-22
CVE-2026-0883 - Firefox ESR Plugin
Information disclosure in the Networking component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
PLUGIN
Firefox ESR
CVE-2026-0883
Risk Score