CVE-2026-12330
Received Received - Intake
Incorrect Boundary Conditions in Firefox ESR Internationalization Component

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: Mozilla Corporation

Description
Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12 and Firefox ESR 115.37.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-16
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-06-16
EPSS Evaluated
N/A
NVD
CVE-2026-12330
EUVD
EUVD-2026-37076
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
mozilla firefox_esr 140.12
mozilla firefox_esr 115.37
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves incorrect boundary conditions in the Internationalization component of Mozilla Firefox ESR. It means that the software did not properly handle certain limits or edges in processing internationalization data, which could lead to unexpected behavior or security issues. The problem was fixed in Firefox ESR versions 140.12 and 115.37.

Mitigation Strategies

To mitigate this vulnerability, update Firefox ESR to version 140.12 or later, or 115.37 or later, where the issue has been fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-12330. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart