CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4702 – JIT miscompilation in the JavaScript Engine component
https://notcve.org/view.php?id=CVE-2026-4702
24 Mar 2026 — This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. ... Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. ... This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. • https://bugzilla.mozilla.org/show_bug.cgi?id=2013560 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2026-4698 – JIT miscompilation in the JavaScript Engine: JIT component
https://notcve.org/view.php?id=CVE-2026-4698
24 Mar 2026 — This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. ... Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149 y Thunderbird < 140.9. ... This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. This vulnerability allows remote attackers to... • https://bugzilla.mozilla.org/show_bug.cgi?id=2020906 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2026-2796 – JIT miscompilation in the JavaScript: WebAssembly component
https://notcve.org/view.php?id=CVE-2026-2796
24 Feb 2026 — This vulnerability affects Firefox < 148 and Thunderbird < 148. ... This vulnerability was fixed in Firefox 148 and Thunderbird 148. • https://bugzilla.mozilla.org/show_bug.cgi?id=2013165 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-2783 – Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component
https://notcve.org/view.php?id=CVE-2026-2783
24 Feb 2026 — This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. ... This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. • https://bugzilla.mozilla.org/show_bug.cgi?id=2010943 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14330 – JIT miscompilation in the JavaScript Engine: JIT component
https://notcve.org/view.php?id=CVE-2025-14330
09 Dec 2025 — This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. ... This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. • https://bugzilla.mozilla.org/show_bug.cgi?id=1997503 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-686: Function Call With Incorrect Argument Type CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14325 – JIT miscompilation in the JavaScript Engine: JIT component
https://notcve.org/view.php?id=CVE-2025-14325
09 Dec 2025 — This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. ... This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. • https://bugzilla.mozilla.org/show_bug.cgi?id=1998050 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.0EPSS: 0%CPEs: 34EXPL: 0CVE-2025-1933 – JIT corruption of WASM i32 return values on 64-bit CPUs
https://notcve.org/view.php?id=CVE-2025-1933
28 Feb 2025 — This can potentially cause them to be treated as a different type. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8. ... This can potentially cause them to be treated as a different type. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8. ... This can potentially cause them to be treated as a different type. • https://bugzilla.mozilla.org/show_bug.cgi?id=1946004 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2024-43498 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43498
12 Nov 2024 — .NET and Visual Studio Remote Code Execution Vulnerability A type confusion vulnerability was found in .NET 9.0 Core in .NET that leads to AV in the .NET Core NrbfDecoder component. An update for firefox is now available for Red Hat Enterprise Linux 9. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43498 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.0EPSS: 0%CPEs: 21EXPL: 0CVE-2024-7652 – Type Confusion in Async Generators in Javascript Engine
https://notcve.org/view.php?id=CVE-2024-7652
06 Sep 2024 — An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. ... The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion,... • https://bugzilla.mozilla.org/show_bug.cgi?id=1901411 • CWE-476: NULL Pointer Dereference CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-8386 – mozilla: SelectElements could be shown over another site if popups are allowed
https://notcve.org/view.php?id=CVE-2024-8386
03 Sep 2024 — This vulnerability affects Firefox < 130 and Firefox ESR < 128.2. ... This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. ... Multiple security issues were discovered in Firefox. ... Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. • https://bugzilla.mozilla.org/show_bug.cgi?id=1907032 • CWE-290: Authentication Bypass by Spoofing CWE-358: Improperly Implemented Security Check for Standard •