PatchSiren cyber security CVE debrief
CVE-2026-12319 Mozilla CVE debrief
CVE-2026-12319 is a denial-of-service vulnerability in the Audio/Video: Playback component. The vulnerability was fixed in Firefox 152. The CVE was published and modified on 2026-06-16T13:16:32.563Z. The vendor is currently listed as Unknown Vendor, but evidence suggests the vulnerability may be related to Mozilla. For more information, see [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-12319) and [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-12319).
- Vendor
- Mozilla
- Product
- Firefox
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of Firefox, particularly those who use the Audio/Video: Playback component, should be aware of this vulnerability and ensure they are running Firefox 152 or later.
Technical summary
A denial-of-service vulnerability exists in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152.
Defensive priority
medium
Recommended defensive actions
- Update Firefox to version 152 or later.
- Review [ref-4](https://bugzilla.mozilla.org/show_bug.cgi?id=2026933) and [ref-5](https://www.mozilla.org/security/advisories/mfsa2026-57/) for more information.
Evidence notes
The vendor is currently listed as Unknown Vendor, but evidence suggests the vulnerability may be related to Mozilla.
Official resources
public