PatchSiren cyber security CVE debrief

CVE-2026-12305 Mozilla CVE debrief

A memory safety bug was fixed in Firefox 152 and Firefox ESR 140.12. This vulnerability was addressed in the latest releases of Firefox and Firefox ESR.

Vendor: Mozilla
Product: Firefox
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-16
Original CVE updated: 2026-06-17
Advisory published: 2026-06-16
Advisory updated: 2026-06-17

Who should care

Users of Firefox and Firefox ESR should update to the latest versions to ensure they are protected against this vulnerability.

Technical summary

A memory safety bug was fixed in Firefox 152 and Firefox ESR 140.12.

Defensive priority

High

Recommended defensive actions

Update to Firefox 152 or later
Update to Firefox ESR 140.12 or later

Evidence notes

The CVE record and NVD detail can be found at resourceLinkAnnotations 'cve-org' and 'nvd'.

Official resources

CVE-2026-12305 CVE record
CVE.org
CVE-2026-12305 NVD detail
NVD
Source item URL
nvd_modified
Source reference
[email protected]
Source reference
[email protected]
Source reference
[email protected]

The CVE was published and modified on 2026-06-16T13:16:30.743Z.