PatchSiren cyber security CVE debrief
CVE-2026-12308 Mozilla CVE debrief
A memory safety bug was fixed in Firefox 152 and Firefox ESR 140.12. This vulnerability was published on [cvePublishedAt].
- Vendor
- Mozilla
- Product
- Firefox
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
Users of Firefox and Firefox ESR should update to version 152 and 140.12 respectively to mitigate this vulnerability.
Technical summary
A memory safety bug was fixed in Firefox 152 and Firefox ESR 140.12.
Defensive priority
High
Recommended defensive actions
- Update Firefox to version 152 or later
- Update Firefox ESR to version 140.12 or later
Evidence notes
The CVE record was obtained from [resourceLinkAnnotations:cve-org]. The vulnerability details were obtained from [resourceLinkAnnotations:nvd].
Official resources
Mozilla has addressed a memory safety bug in Firefox 152 and Firefox ESR 140.12. Users should update to the latest versions to mitigate this vulnerability.