PatchSiren cyber security CVE debrief

CVE-2026-12330 Mozilla CVE debrief

CVE-2026-12330 is a vulnerability in the Internationalization component due to incorrect boundary conditions. This issue was addressed in Firefox ESR 140.12 and Firefox ESR 115.37.

Vendor: Mozilla
Product: Firefox
CVSS: MEDIUM 5.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-16
Original CVE updated: 2026-06-16
Advisory published: 2026-06-16
Advisory updated: 2026-06-16

Who should care

Users of Firefox ESR 140.12 and Firefox ESR 115.37 may be affected by this vulnerability.

Technical summary

The vulnerability is caused by incorrect boundary conditions in the Internationalization component.

Defensive priority

high

Recommended defensive actions

Update to Firefox ESR 140.12 or Firefox ESR 115.37

Evidence notes

The vendor is identified as Mozilla based on evidence from the source item.

Official resources

CVE-2026-12330 CVE record
CVE.org
CVE-2026-12330 NVD detail
NVD
Source item URL
nvd_modified
Source reference
[email protected]
Source reference
[email protected]
Source reference
[email protected]

CVE-2026-12330 was published on 2026-06-16T13:16:33.747Z.