CVE Catalog
CVE-2026-12307
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk0.26%
17th percentile — higher than 17% of all known CVEs
Summary
A memory safety bug was fixed in Firefox 152 and Thunderbird 152. This vulnerability was also patched in the ESR versions of both Firefox and Thunderbird.
Risk Assessment
Exploitation of this vulnerability could lead to unauthorized memory access, posing a risk to user data. Organizations should update their software to minimize this risk.
Recommendation
It is recommended to update to the latest versions of Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12 to mitigate this vulnerability.
Original NVD description (English source)
Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

