CVE-2026-8827 - SQL Injection in extension "Address List" (tt_address)
CVE ID :CVE-2026-8827
Published : May 19, 2026, 10:16 a.m. | 1 hour, 8 minutes ago
Description :The AddressRepository::getSqlQuery() method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call this method with untrusted input would expose the site to SQL injection.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8827
Published : May 19, 2026, 10:16 a.m. | 1 hour, 8 minutes ago
Description :The AddressRepository::getSqlQuery() method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call this method with untrusted input would expose the site to SQL injection.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8951 - Spoofing issue in the Toolbar component in Firefox for Android
CVE ID :CVE-2026-8951
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Toolbar component in Firefox for Android. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8951
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Toolbar component in Firefox for Android. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8952 - Privilege escalation in the Application Update component
CVE ID :CVE-2026-8952
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8952
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8953 - Sandbox escape due to use-after-free in the Disability Access APIs component
CVE ID :CVE-2026-8953
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8953
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8954 - Incorrect boundary conditions, integer overflow in the Audio/Video component
CVE ID :CVE-2026-8954
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8954
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8955 - Privilege escalation in the DOM: Workers component
CVE ID :CVE-2026-8955
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8955
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8956 - Integer overflow in the Networking: JAR component
CVE ID :CVE-2026-8956
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8956
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8957 - Privilege escalation in the Enterprise Policies component
CVE ID :CVE-2026-8957
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8957
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8958 - Information disclosure, sandbox escape in the Security: Process Sandboxing component
CVE ID :CVE-2026-8958
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8958
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8959 - Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
CVE ID :CVE-2026-8959
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8959
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8960 - Spoofing issue in WebExtensions
CVE ID :CVE-2026-8960
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8960
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8961 - Spoofing issue in the Form Autofill component
CVE ID :CVE-2026-8961
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8961
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8962 - Mitigation bypass in the DOM: Security component
CVE ID :CVE-2026-8962
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8962
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8963 - Spoofing issue in the Web Speech component
CVE ID :CVE-2026-8963
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8963
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8964 - Spoofing issue in the Popup Blocker component
CVE ID :CVE-2026-8964
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8964
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8965 - Information disclosure in the DOM: Security component
CVE ID :CVE-2026-8965
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8965
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8966 - Information disclosure in the IP Protection component
CVE ID :CVE-2026-8966
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8966
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8967 - Information disclosure in the Graphics: WebGPU component
CVE ID :CVE-2026-8967
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8967
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8968 - Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
CVE ID :CVE-2026-8968
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8968
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8969 - Mitigation bypass in the DOM: Security component
CVE ID :CVE-2026-8969
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8969
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8970 - Privilege escalation in the Security component
CVE ID :CVE-2026-8970
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8970
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...