CVE-2026-12319

🔶 medium

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

CVSS Score

6.5

Medium

EPSS Score

0.2

Exploit Probability

Published Date

2026-06-16

First Seen: 2026-06-17

This CVE is Lower Risk - more severe than 47.8% of all 328,009 vulnerabilities in our database.

#171,192

Below average severity

Severity Percentile

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

🏆 Discovered By

jmwebdevelopement

SSVC data provided by CISA

Last Modified 2026-06-16

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE IDs (Weakness Types)

CWE-400

📦 Affected Products 2

Vendor	Product	Status	Affected Versions
mozilla	firefox	Affected	< 152.0.0
mozilla	thunderbird	Affected	< 152.0.0

Permissions Required

Vendor Advisory

Vendor Advisory

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-12289	⚠️ high	8.8	0.3	Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140....	2026-06-16
CVE-2026-12298	🔶 medium	5.4	0.2	Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird...	2026-06-16
CVE-2026-12299	🔶 medium	5.4	0.2	JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, F...	2026-06-16
CVE-2026-12303	🔶 medium	4.3	0.2	Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fi...	2026-06-16
CVE-2026-12311	🔶 medium	4.7	0.2	Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Fi...	2026-06-16
CVE-2026-12313	🔶 medium	4.7	0.2	Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Fi...	2026-06-16

These CVEs affect the same products