CVE-2026-8958 - Information disclosure, sandbox escape in the Security: Process Sandboxing component
CVE ID :CVE-2026-8958
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8958
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8959 - Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
CVE ID :CVE-2026-8959
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8959
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8960 - Spoofing issue in WebExtensions
CVE ID :CVE-2026-8960
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8960
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8961 - Spoofing issue in the Form Autofill component
CVE ID :CVE-2026-8961
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8961
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8962 - Mitigation bypass in the DOM: Security component
CVE ID :CVE-2026-8962
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8962
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8963 - Spoofing issue in the Web Speech component
CVE ID :CVE-2026-8963
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8963
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8964 - Spoofing issue in the Popup Blocker component
CVE ID :CVE-2026-8964
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8964
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8965 - Information disclosure in the DOM: Security component
CVE ID :CVE-2026-8965
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8965
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8966 - Information disclosure in the IP Protection component
CVE ID :CVE-2026-8966
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8966
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8967 - Information disclosure in the Graphics: WebGPU component
CVE ID :CVE-2026-8967
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8967
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8968 - Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
CVE ID :CVE-2026-8968
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8968
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8969 - Mitigation bypass in the DOM: Security component
CVE ID :CVE-2026-8969
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8969
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8970 - Privilege escalation in the Security component
CVE ID :CVE-2026-8970
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8970
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8971 - Same-origin policy bypass in the Networking: JAR component
CVE ID :CVE-2026-8971
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8971
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8972 - Privilege escalation in the WebRTC: Audio/Video component
CVE ID :CVE-2026-8972
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8972
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Privilege escalation in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8973 - Memory safety bugs fixed in Firefox 151
CVE ID :CVE-2026-8973
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8973
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8974 - Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151
CVE ID :CVE-2026-8974
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8974
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8975 - Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151
CVE ID :CVE-2026-8975
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8975
Published : May 19, 2026, 2:16 p.m. | 1 hour, 8 minutes ago
Description :Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-36827 - Panabit PAP-XM320 Command Injection Vulnerability
CVE ID :CVE-2026-36827
Published : May 19, 2026, 5:16 p.m. | 2 hours, 11 minutes ago
Description :A command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helper /usr/sbin/pappiw and passes user-controlled parameters to it. The helper performs unsafe argument processing using eval, which allows command injection when attacker-controlled input is included in the arguments. As a result, an authenticated remote attacker with access to the management interface may execute arbitrary shell commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-36827
Published : May 19, 2026, 5:16 p.m. | 2 hours, 11 minutes ago
Description :A command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helper /usr/sbin/pappiw and passes user-controlled parameters to it. The helper performs unsafe argument processing using eval, which allows command injection when attacker-controlled input is included in the arguments. As a result, an authenticated remote attacker with access to the management interface may execute arbitrary shell commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
❤1
CVE-2026-36828 - Panabit PAP-XM320 Command Injection Vulnerability
CVE ID :CVE-2026-36828
Published : May 19, 2026, 5:16 p.m. | 2 hours, 11 minutes ago
Description :A command injection vulnerability exists in the /cgi-bin/tools/ajax_cmd endpoint of Panabit PAP-XM320 up to and including v7.7. The CGI component allows authenticated users to execute arbitrary shell commands with root privileges via the action=runcmd parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-36828
Published : May 19, 2026, 5:16 p.m. | 2 hours, 11 minutes ago
Description :A command injection vulnerability exists in the /cgi-bin/tools/ajax_cmd endpoint of Panabit PAP-XM320 up to and including v7.7. The CGI component allows authenticated users to execute arbitrary shell commands with root privileges via the action=runcmd parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-36829 - Panabit PAP-XM320 Authentication Bypass Vulnerability
CVE ID :CVE-2026-36829
Published : May 19, 2026, 5:16 p.m. | 2 hours, 11 minutes ago
Description :An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value without proper sanitization, allowing directory traversal and bypass of authentication.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-36829
Published : May 19, 2026, 5:16 p.m. | 2 hours, 11 minutes ago
Description :An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value without proper sanitization, allowing directory traversal and bypass of authentication.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...