CVE-2026-12303

Published: Giu 16, 2026 Last Modified: Giu 16, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 4,3
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

125

Out-of-bounds Read

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Availability Other
Potential Impacts:
Read Memory Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Varies By Context
Applicable Platforms
Languages: Memory-Unsafe, C, C++
Technologies: ICS/OT
View CWE Details
Application

Thunderbird by Mozilla

Product Information
Vendor Mozilla
Product Thunderbird
Version Range Affected
To 152.0.0 (exclusive)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Firefox by Mozilla

Product Information
Vendor Mozilla
Product Firefox
Version Range Affected
To 152.0 (exclusive)
cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://bugzilla.mozilla.org/show_bug.cgi?id=2034608
https://bugzilla.mozilla.org/show_bug.cgi?id=2034608
https://www.mozilla.org/security/advisories/mfsa2026-57/
https://www.mozilla.org/security/advisories/mfsa2026-57/
https://www.mozilla.org/security/advisories/mfsa2026-60/
https://www.mozilla.org/security/advisories/mfsa2026-60/