PatchSiren cyber security CVE debrief
CVE-2026-12311 Mozilla CVE debrief
CVE-2026-12311 is an information disclosure and sandbox escape vulnerability in the Security: Process Sandboxing component. This issue was addressed in Firefox 152 and Firefox ESR 140.12.
- Vendor
- Mozilla
- Product
- Firefox
- CVSS
- MEDIUM 4.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of Firefox and Firefox ESR should update to the latest versions to mitigate this vulnerability.
Technical summary
The vulnerability allows for information disclosure and sandbox escape in the Security: Process Sandboxing component.
Defensive priority
High
Recommended defensive actions
- Update to Firefox 152 or Firefox ESR 140.12
Evidence notes
The CVE was published on 2026-06-16T13:16:31.677Z and has been associated with Mozilla as the affected vendor.
Official resources
CVE-2026-12311 was published on 2026-06-16T13:16:31.677Z.