PatchSiren cyber security CVE debrief
CVE-2026-12313 Mozilla CVE debrief
CVE-2026-12313 is an information disclosure and sandbox escape vulnerability in the Security: Process Sandboxing component. This issue was addressed in Firefox 152 and Firefox ESR 140.12.
- Vendor
- Mozilla
- Product
- Firefox
- CVSS
- MEDIUM 4.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of Firefox and Firefox ESR
Technical summary
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12.
Defensive priority
high
Recommended defensive actions
- Apply updates to Firefox and Firefox ESR to versions 152 and 140.12 respectively.
Evidence notes
Vendor: Mozilla (based on evidence).
Official resources
CVE-2026-12313 was published on 2026-06-16T13:16:31.920Z and has not been modified.