PatchSiren cyber security CVE debrief

CVE-2026-12302 Mozilla CVE debrief

A mitigation bypass vulnerability was discovered in the DOM: Security component. This issue was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37. The vulnerability was publicly disclosed on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-12302).

Vendor: Mozilla
Product: Firefox
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-16
Original CVE updated: 2026-06-17
Advisory published: 2026-06-16
Advisory updated: 2026-06-17

Who should care

Users of Firefox, Firefox ESR

Technical summary

A mitigation bypass vulnerability was discovered in the DOM: Security component.

Defensive priority

High

Recommended defensive actions

Update to Firefox 152, Firefox ESR 140.12, or Firefox ESR 115.37 or later.

Evidence notes

The CVE was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-12302).

Official resources

CVE-2026-12302 CVE record
CVE.org
CVE-2026-12302 NVD detail
NVD
Source item URL
nvd_modified
Source reference
[email protected]
Source reference
[email protected]
Source reference
[email protected]
Source reference
[email protected]

Public