Mozilla has released updated Firefox version 152 and Firefox ESR versions 115.37 and 140.12 to fix multiple vulnerabilities.
The addressed vulnerabilities could allow the attacker to conduct denial-of-service and spoofing attacks, gain elevated privilege, trigger memory corruption, obtain sensitive information, bypass security restrictions, and execute arbitrary code on the affected systems.
Sample of the addressed vulnerabilities:
1) Mozilla Firefox Same-Origin Policy Bypass in the Networking: Cookies Component Vulnerability (CVE-2026-12304):
2) Mozilla Firefox Privilege Escalation in the Graphics: WebRender Component (CVE-2026-12289):
The enterprise should deploy this patch as soon as the testing phase is completed.
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |