=====================================================================

                            CERT-Renater

                 Information Note No. 2026/VULN660
_____________________________________________________________________

DATE                : 19/06/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Firefox versions prior to
                     ESR 115.37, ESR 140.12, 152, or Firefox for
                     iOS 152.0.
 
=====================================================================
https://www.mozilla.org/en-US/security/advisories/mfsa2026-59/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-56/
_____________________________________________________________________


Mozilla Foundation Security Advisory 2026-59
Security Vulnerabilities fixed in Firefox ESR 115.37

Announced    June 16, 2026
Impact       high
Products     Firefox ESR
Fixed in     Firefox ESR 115.37

#CVE-2026-12289: Privilege escalation in the Graphics: WebRender
component

Reporter    choeseyeong
Impact      high

References

    Bug 2023443

#CVE-2026-12290: Memory safety bug fixed in Firefox ESR 115.37

Reporter    jayjayjazz
Impact      high

References

    Bug 2024852

#CVE-2026-12291: Use-after-free in the Networking: HTTP component

Reporter    Zijie Zhao
Impact      high

References

    Bug 2036929

#CVE-2026-12294: Sandbox escape in the DOM: Workers component

Reporter    Quy Pham
Impact      high

References

    Bug 2039873

#CVE-2026-12295: Sandbox escape in the DOM: Navigation component

Reporter    Yaqoub Aldurayhim
Impact      high

References

    Bug 2040160

#CVE-2026-12297: Sandbox escape due to incorrect boundary conditions
in the Networking component

Reporter    zx
Impact      high

References

    Bug 2041610

#CVE-2026-12299: JIT miscompilation in the DOM: Core & HTML component

Reporter    Hyeonjun Ahn
Impact      high

References

    Bug 2043139

#CVE-2026-12302: Mitigation bypass in the DOM: Security component

Reporter    lebr0nli
Impact      moderate

References

    Bug 2034489

#CVE-2026-12330: Incorrect boundary conditions in the 
Internationalization component

Reporter    Mozilla Fuzzing Team
Impact      moderate

References

    Bug 2029326

#CVE-2026-12325: Denial-of-service in the Graphics: ImageLib
component

Reporter    Securin
Impact      low

References

    Bug 2039443

#CVE-2026-12328: Memory safety bugs fixed in Firefox ESR 115.37,
Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and
Thunderbird 152

Reporter    Andrew McCreight, Randell Jesup, Tom Ritter and
the Mozilla Fuzzing Team
Impact      high

Description

Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11,
Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of
these bugs showed evidence of memory corruption and we presume
that with enough effort some of these could have been exploited
to run arbitrary code.

References

    High Severity memory safety bugs fixed in Firefox ESR 115.37,
Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and
Thunderbird 152

_____________________________________________________________________


Mozilla Foundation Security Advisory 2026-58
Security Vulnerabilities fixed in Firefox ESR 140.12

Announced    June 16, 2026
Impact       high
Products     Firefox ESR
Fixed in     Firefox ESR 140.12

#CVE-2026-12289: Privilege escalation in the Graphics: WebRender
component

Reporter    choeseyeong
Impact      high

References

    Bug 2023443

#CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12

Reporter    jayjayjazz
Impact      high

References

    Bug 2024852

#CVE-2026-12291: Use-after-free in the Networking: HTTP component

Reporter    Zijie Zhao
Impact      high

References

    Bug 2036929

#CVE-2026-12292: Incorrect boundary conditions in the Web Audio component

Reporter    Zijie Zhao
Impact      high

References

    Bug 2038465

#CVE-2026-12294: Sandbox escape in the DOM: Workers component

Reporter    Quy Pham
Impact      high

References

    Bug 2039873

#CVE-2026-12295: Sandbox escape in the DOM: Navigation component

Reporter    Yaqoub Aldurayhim
Impact      high

References

    Bug 2040160

#CVE-2026-12298: Memory safety bug fixed in Firefox ESR 140.12

Reporter    Haruka Yamazaki
Impact      high

References

    Bug 2041981


#CVE-2026-12296: Sandbox escape in the Security: Process Sandboxing
component

Reporter    Yaqoub Aldurayhim
Impact      high

References

    Bug 2040515

#CVE-2026-12297: Sandbox escape due to incorrect boundary
conditions in the Networking component

Reporter    zx
Impact      high

References

    Bug 2041610

#CVE-2026-12299: JIT miscompilation in the DOM: Core & HTML
component

Reporter    Hyeonjun Ahn
Impact      high

References

    Bug 2043139

#CVE-2026-12329: Memory safety bug fixed in Firefox ESR
140.12

Reporter    Michael Froman
Impact      high

References

    Bug 2044738

#CVE-2026-12302: Mitigation bypass in the DOM: Security component

Reporter    lebr0nli
Impact      moderate

References

    Bug 2034489

#CVE-2026-12304: Same-origin policy bypass in the Networking:
Cookies component

Reporter    Yaqoub Aldurayhim
Impact      moderate

References

    Bug 2034944

#CVE-2026-12305: Memory safety bug fixed in Firefox ESR 140.12

Reporter    Zijie Zhao
Impact      moderate

References

    Bug 2037290

#CVE-2026-12306: Memory safety bug fixed in Firefox ESR 140.12

Reporter    Mihalis Haatainen
Impact      moderate

References

    Bug 2037323

#CVE-2026-12307: Memory safety bug fixed in Firefox ESR 140.12

Reporter    Atsushi Sada
Impact      moderate

References

    Bug 2038133

#CVE-2026-12308: Memory safety bug fixed in Firefox ESR 140.12

Reporter    Mihalis Haatainen
Impact      moderate

References

    Bug 2038302

#CVE-2026-12309: Memory safety bug fixed in Firefox ESR 140.12

Reporter    Yaqoub Aldurayhim
Impact      moderate

References

    Bug 2038476

#CVE-2026-12310: Memory safety bug fixed in Firefox ESR 140.12

Reporter    Carl Pearson
Impact      moderate

References

    Bug 2039707

#CVE-2026-12311: Information disclosure, sandbox escape in
the Security: Process Sandboxing component

Reporter    Yaqoub Aldurayhim
Impact      moderate

References

    Bug 2040177

#CVE-2026-12312: Memory safety bug fixed in Firefox ESR
140.12

Reporter    Rintaro Kawasugi
Impact      moderate

References

    Bug 2040383

#CVE-2026-12313: Information disclosure, sandbox escape
in the Security: Process Sandboxing component

Reporter    evyatar
Impact      moderate

References

    Bug 2040477

#CVE-2026-12314: Memory safety bug fixed in Firefox
ESR 140.12

Reporter    satyamasd
Impact      moderate

References

    Bug 2041856

#CVE-2026-12315: Mitigation bypass in the DOM: Security
component

Reporter    Nguyen Minh
Impact      moderate

References

    Bug 2042058

#CVE-2026-12330: Incorrect boundary conditions in the
Internationalization component

Reporter    Mozilla Fuzzing Team
Impact      moderate

References

    Bug 2029326

#CVE-2026-12324: Incorrect boundary conditions in the
Graphics: CanvasWebGL component

Reporter    Mihalis Haatainen
Impact      low

References

    Bug 2038444

#CVE-2026-12325: Denial-of-service in the Graphics:
ImageLib component

Reporter    Securin
Impact      low

References

    Bug 2039443

#CVE-2026-12327: Memory safety bugs fixed in Firefox ESR 140.12,
Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

Reporter    Christian Holler, Jens Stutte, Nika Layzell, Randell Jesup,
Tom Schuster and the Mozilla Fuzzing Team
Impact      moderate

Description

Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR
140.11, Firefox 151 and Thunderbird 151. Some of these bugs
showed evidence of memory corruption and we presume that with
enough effort some of these could have been exploited to run
arbitrary code.

References

    Moderate Severity memory safety bugs fixed in Firefox ESR
140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

#CVE-2026-12328: Memory safety bugs fixed in Firefox ESR 115.37,
Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and
Thunderbird 152

Reporter    Andrew McCreight, Randell Jesup, Tom Ritter and
the Mozilla Fuzzing Team
Impact      high

Description

Memory safety bugs present in Firefox ESR 115.36, Firefox ESR
140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird
151. Some of these bugs showed evidence of memory corruption
and we presume that with enough effort some of these could
have been exploited to run arbitrary code.

References

    High Severity memory safety bugs fixed in Firefox ESR
115.37, Firefox ESR 140.12, Thunderbird ESR 140.12,
Firefox 152 and Thunderbird 152
_____________________________________________________________________

Mozilla Foundation Security Advisory 2026-57
Security Vulnerabilities fixed in Firefox 152

Announced    June 16, 2026
Impact       high
Products     Firefox
Fixed in     Firefox 152

#CVE-2026-12289: Privilege escalation in the Graphics:
WebRender component

Reporter    choeseyeong
Impact      high

References

    Bug 2023443

#CVE-2026-12290: Memory safety bug fixed in Firefox 152

Reporter    jayjayjazz
Impact      high

References

    Bug 2024852

#CVE-2026-12291: Use-after-free in the Networking: HTTP
component

Reporter    Zijie Zhao
Impact      high

References

    Bug 2036929

#CVE-2026-12292: Incorrect boundary conditions in the Web
Audio component

Reporter    Zijie Zhao
Impact      high

References

    Bug 2038465

#CVE-2026-12293: Use-after-free in the Graphics: WebGPU
component

Reporter    superhei
Impact      high

References

    Bug 2039568

#CVE-2026-12294: Sandbox escape in the DOM: Workers
component

Reporter    Quy Pham
Impact      high

References

    Bug 2039873

#CVE-2026-12295: Sandbox escape in the DOM: Navigation
component

Reporter    Yaqoub Aldurayhim
Impact      high

References

    Bug 2040160

#CVE-2026-12296: Sandbox escape in the Security: Process
Sandboxing component

Reporter    Yaqoub Aldurayhim
Impact      high

References

    Bug 2040515

#CVE-2026-12297: Sandbox escape due to incorrect boundary
conditions in the Networking component

Reporter    zx
Impact      high

References

    Bug 2041610

#CVE-2026-12298: Memory safety bug fixed in Firefox 152

Reporter    Haruka Yamazaki
Impact      high

References

    Bug 2041981

#CVE-2026-12299: JIT miscompilation in the DOM: Core &
HTML component

Reporter    Hyeonjun Ahn
Impact      high

References

    Bug 2043139

#CVE-2026-12300: Memory safety bug fixed in Firefox 152

Reporter    Niklas
Impact      moderate

References

    Bug 1704114

#CVE-2026-12301: Memory safety bug fixed in Firefox 152

Reporter    Richard Belisle
Impact      moderate

References

    Bug 2015647

#CVE-2026-12302: Mitigation bypass in the DOM: Security
component

Reporter    lebr0nli
Impact      moderate

References

    Bug 2034489

#CVE-2026-12303: Information disclosure due to incorrect
boundary conditions in the Graphics: WebGPU component

Reporter    Michal Andryskowski
Impact      moderate

References

    Bug 2034608

#CVE-2026-12304: Same-origin policy bypass in the
Networking: Cookies component

Reporter    Yaqoub Aldurayhim
Impact      moderate

References

    Bug 2034944

#CVE-2026-12305: Memory safety bug fixed in Firefox 152

Reporter    Zijie Zhao
Impact      moderate

References

    Bug 2037290

#CVE-2026-12306: Memory safety bug fixed in Firefox 152

Reporter    Mihalis Haatainen
Impact      moderate

References

    Bug 2037323

#CVE-2026-12307: Memory safety bug fixed in Firefox 152

Reporter    Atsushi Sada
Impact      moderate

References

    Bug 2038133

#CVE-2026-12308: Memory safety bug fixed in Firefox 152

Reporter    Mihalis Haatainen
Impact      moderate

References

    Bug 2038302

#CVE-2026-12309: Memory safety bug fixed in Firefox 152

Reporter    Yaqoub Aldurayhim
Impact      moderate

References

    Bug 2038476

#CVE-2026-12310: Memory safety bug fixed in Firefox 152

Reporter    Carl Pearson
Impact      moderate

References

    Bug 2039707

#CVE-2026-12311: Information disclosure, sandbox
escape in the Security: Process Sandboxing component

Reporter    Yaqoub Aldurayhim
Impact      moderate

References

    Bug 2040177

#CVE-2026-12312: Memory safety bug fixed in Firefox 152

Reporter    Rintaro Kawasugi
Impact      moderate

References

    Bug 2040383

#CVE-2026-12313: Information disclosure, sandbox escape
in the Security: Process Sandboxing component

Reporter    evyatar
Impact      moderate

References

    Bug 2040477

#CVE-2026-12314: Memory safety bug fixed in Firefox 152

Reporter    satyamasd
Impact      moderate

References

    Bug 2041856

#CVE-2026-12315: Mitigation bypass in the DOM:
Security component

Reporter    Nguyen Minh
Impact      moderate

References

    Bug 2042058

#CVE-2026-12316: Mitigation bypass in the DOM:
Security component

Reporter    Frederik Braun
Impact      moderate

References

    Bug 2045496

#CVE-2026-12317: Memory safety bug fixed in Firefox 152

Reporter    Frédéric Wang Nélar
Impact      low

References

    Bug 2007083

#CVE-2026-12318: Incorrect boundary conditions in the
Libraries component in NSS

Reporter    Haruto Kimura
Impact      low

References

    Bug 2023478

#CVE-2026-12319: Denial-of-service in the Audio/Video:
Playback component

Reporter    jmwebdevelopement
Impact      low

References

    Bug 2026933

#CVE-2026-12320: Information disclosure in the
Password Manager component

Reporter    Av0id
Impact      low

References

    Bug 2027572

#CVE-2026-12321: JIT miscompilation in the JavaScript:
WebAssembly component

Reporter    JunYoung Park
Impact      low

References

    Bug 2032943

#CVE-2026-12322: Clickjacking issue in the Widget:
Gtk component

Reporter    Abdan Alkayyis
Impact      low

References

    Bug 2033848

#CVE-2026-12323: Spoofing issue in the DOM: Core &
HTML component

Reporter    Jody Ritonga
Impact      low

References

    Bug 2035027

#CVE-2026-12324: Incorrect boundary conditions in
the Graphics: CanvasWebGL component

Reporter    Mihalis Haatainen
Impact      low

References

    Bug 2038444

#CVE-2026-12325: Denial-of-service in the Graphics:
ImageLib component

Reporter    Securin
Impact      low

References

    Bug 2039443

#CVE-2026-12326: Memory safety bugs fixed in Firefox
152 and Thunderbird 152

Reporter    Ashley Zebrowski, Christian Holler, Dan Baker, Jan
de Mooij, Jon Coppeard, Maurice Dauer, Nicolas B. Pierron,
Nika Layzell, Randell Jesup, Rob Wu, Ryan Hunt, Steve
Fink, Tom Schuster, Tomoya Nakanishi, Yannis Juglaret,
Serge Guelton and the Mozilla Fuzzing Team
Impact      high

Description

Memory safety bugs present in Firefox 151 and Thunderbird
151. Some of these bugs showed evidence of memory
corruption and we presume that with enough effort some
of these could have been exploited to run arbitrary code.

References

    High Severity memory safety bugs fixed in Firefox
    152 and Thunderbird 152

    Moderate Severity memory safety bugs fixed in
    Firefox 152 and Thunderbird 152

    Low Severity memory safety bugs fixed in Firefox
    152 and Thunderbird 152

#CVE-2026-12327: Memory safety bugs fixed in Firefox ESR
140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

Reporter    Christian Holler, Jens Stutte, Nika Layzell,
Randell Jesup, Tom Schuster and the Mozilla Fuzzing Team
Impact      moderate

Description

Memory safety bugs present in Firefox ESR 140.11, Thunderbird
ESR 140.11, Firefox 151 and Thunderbird 151. Some of these
bugs showed evidence of memory corruption and we presume
that with enough effort some of these could have been
exploited to run arbitrary code.

References

    Moderate Severity memory safety bugs fixed in Firefox
ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and
Thunderbird 152

#CVE-2026-12328: Memory safety bugs fixed in Firefox
ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12,
Firefox 152 and Thunderbird 152

Reporter    Andrew McCreight, Randell Jesup, Tom Ritter and
the Mozilla Fuzzing Team
Impact      high

Description

Memory safety bugs present in Firefox ESR 115.36, Firefox
ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and
Thunderbird 151. Some of these bugs showed evidence of
memory corruption and we presume that with enough effort
some of these could have been exploited to run arbitrary
code.

References

    High Severity memory safety bugs fixed in Firefox
ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12,
Firefox 152 and Thunderbird 152


_____________________________________________________________________

Mozilla Foundation Security Advisory 2026-56
Security Vulnerabilities fixed in Firefox for iOS 152.0

Announced    June 16, 2026
Impact       high
Products     Firefox for iOS
Fixed in     Firefox for iOS 152

#CVE-2026-53899: Cross-origin cookies could be leaked when opening
a PDF link

Reporter    Muneaki Nishimura
Impact      high

Description

Firefox for iOS used partial domain matching when attaching cookies
to PDF requests, allowing a malicious site on a suffix domain to
receive cookies belonging to the target site.

References

    Bug 2042909

#CVE-2026-53900: Cookie injection was possible when opening a
PDF link

Reporter    Muneaki Nishimura
Impact      high

Description

Firefox for iOS preserved cookies set on the initial PDF
request across cross-origin HTTP redirects in
TemporaryDocument, allowing a malicious site to inject
arbitrary cookies into requests to an unrelated target
domain.

References

    Bug 2043204
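
Added example (not part of the Mozilla advisories and not Firefox for iOS code): a sketch of the two cookie-handling checks behind CVE-2026-53899 and CVE-2026-53900, contrasting a string-suffix match with RFC 6265 domain matching, and a carried-over Cookie header with one recomputed per redirect hop. The function names, the hosts and the cookie jar are constructed, the suffix test is an assumed model of "partial domain matching", and Path, Secure and host-only handling are left out.

```python
# Added illustration; not Firefox for iOS source code. All hosts are constructed.
import ipaddress
from urllib.parse import urlsplit

def _is_ip(host):
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False

def naive_match(host, cookie_domain):
    """Assumed model of 'partial' matching: a bare string-suffix test."""
    return host.lower().endswith(cookie_domain.lower().lstrip("."))

def domain_match(host, cookie_domain):
    """RFC 6265 section 5.1.3: identical, or a suffix on a label boundary."""
    host, dom = host.lower(), cookie_domain.lower().lstrip(".")
    if host == dom:
        return True
    # IP-address hosts may only match exactly, never by suffix.
    return not _is_ip(host) and host.endswith("." + dom)

def cookie_header(jar, url, match=domain_match):
    """Cookie header for one request, selected by that request's own host."""
    host = urlsplit(url).hostname or ""
    return "; ".join(f"{n}={v}" for d, n, v in jar if match(host, d))

def headers_for_chain(jar, chain, recompute=True):
    """Cookie header for each hop of a redirect chain.
    recompute=False models the flaw: the first hop's header is carried over."""
    first = cookie_header(jar, chain[0])
    return [cookie_header(jar, u) if recompute else first for u in chain]

# Constructed sample data: jar entries are (domain, name, value).
JAR = [("bank.example", "sid", "real"), ("other.test", "sid", "forged")]
CHAIN = ["https://files.other.test/doc.pdf",
         "https://bank.example/statement.pdf"]

if __name__ == "__main__":
    for host in ("pdf.bank.example", "notbank.example"):
        print(host, naive_match(host, "bank.example"),
              domain_match(host, "bank.example"))
    print("carried over:", headers_for_chain(JAR, CHAIN, recompute=False))
    print("recomputed:  ", headers_for_chain(JAR, CHAIN))
```
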

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================




