PatchSiren cyber security CVE debrief
CVE-2026-12322 Mozilla CVE debrief
A clickjacking issue was found in the Widget: Gtk component. This vulnerability was fixed in Firefox 152. The issue was reported to Mozilla via Bugzilla and addressed in the Mozilla Firefox Security Advisory (MFSA) 2026-57.
- Vendor
- Mozilla
- Product
- Firefox
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of Mozilla Firefox, particularly those using versions prior to Firefox 152, should be aware of this vulnerability and take steps to update their browsers.
Technical summary
The CVE-2026-12322 vulnerability is a clickjacking issue in the Widget: Gtk component of Mozilla Firefox. This issue allows an attacker to deceive users into clicking on something different than what they intended, potentially leading to unauthorized actions.
Defensive priority
Medium
Recommended defensive actions
- Update Mozilla Firefox to version 152 or later to ensure the clickjacking issue in the Widget: Gtk component is fixed.
Evidence notes
The CVE-2026-12322 vulnerability was reported to Mozilla and addressed in Firefox 152. References to the Bugzilla report and Mozilla Firefox Security Advisory (MFSA) 2026-57 can be found below.
Official resources
CVE-2026-12322 was published on 2026-06-16T13:16:32.937Z and has not been modified since then.