CVE-2026-12320

Published: Giu 16, 2026 Last Modified: Giu 16, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 4,3
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

200

Exposure of Sensitive Information to an Unauthorized Actor

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality
Potential Impacts:
Read Application Data
Applicable Platforms
Technologies: Not Technology-Specific, Web Based, Mobile
Likelihood of Exploit: High
View CWE Details
Application

Firefox by Mozilla

Product Information
Vendor Mozilla
Product Firefox
Version Range Affected
To 152.0.0 (exclusive)
cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Thunderbird by Mozilla

Product Information
Vendor Mozilla
Product Thunderbird
Version Range Affected
To 152.0.0 (exclusive)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://bugzilla.mozilla.org/show_bug.cgi?id=2027572
https://bugzilla.mozilla.org/show_bug.cgi?id=2027572
https://www.mozilla.org/security/advisories/mfsa2026-57/
https://www.mozilla.org/security/advisories/mfsa2026-57/
https://www.mozilla.org/security/advisories/mfsa2026-60/
https://www.mozilla.org/security/advisories/mfsa2026-60/