PatchSiren cyber security CVE debrief
CVE-2026-12315 Mozilla CVE debrief
CVE-2026-12315 is a mitigation bypass vulnerability in the DOM: Security component. The vulnerability was published on [cvePublishedAt] and has not been modified since. The vendor for this vulnerability is likely Mozilla, based on evidence from the source item. The vulnerability was fixed in Firefox 152 and Firefox ESR 140.12.
- Vendor
- Mozilla
- Product
- Firefox
- CVSS
- CRITICAL 9.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
Users of Firefox and Firefox ESR should apply the patches to prevent exploitation of this vulnerability.
Technical summary
A mitigation bypass vulnerability exists in the DOM: Security component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12.
Defensive priority
high
Recommended defensive actions
- Apply the patches for Firefox 152 and Firefox ESR 140.12.
Evidence notes
The vendor for this vulnerability is likely Mozilla, based on evidence from the source item.
Official resources
CVE-2026-12315 was published on 2026-06-16T13:16:32.147Z and has not been modified since.