PatchSiren cyber security CVE debrief
CVE-2026-12318 Mozilla CVE debrief
CVE-2026-12318 is a vulnerability in the Libraries component in NSS. The issue is related to incorrect boundary conditions. This vulnerability was fixed in Firefox 152.
- Vendor
- Mozilla
- Product
- Firefox
- CVSS
- HIGH 7.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
Users of Firefox and systems that utilize NSS for cryptographic operations should be aware of this vulnerability.
Technical summary
The vulnerability is caused by incorrect boundary conditions in the Libraries component in NSS. This issue has been addressed in Firefox 152.
Defensive priority
medium
Recommended defensive actions
- Update Firefox to version 152 or later to ensure the vulnerability is patched.
Evidence notes
The CVE record and NVD detail provide information on the vulnerability. References from Mozilla's bugzilla and security advisories offer additional context.
Official resources
CVE-2026-12318 was published and modified on 2026-06-16T13:16:32.463Z.