Mozilla Foundation Security Advisory 2026-67
Security Vulnerabilities fixed in Firefox 152.0.6
- Announced
- July 14, 2026
- Impact
- critical
- Products
- Firefox
- Fixed in
-
- Firefox 152.0.6
#CVE-2026-15718: Invalid pointer in the JavaScript: WebAssembly component
- Reporter
- Christian Holler
- Impact
- critical
Description
We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw.
References
#CVE-2026-15719: Site isolation in the DOM: Navigation component
- Reporter
- Atsushi Sada
- Impact
- critical
Description
We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw.