We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw. This vulnerability was fixed in Firefox 152.0.6.
History

Tue, 14 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-763
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 14 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Vendors & Products Mozilla
Mozilla firefox

Tue, 14 Jul 2026 12:45:00 +0000

Type Values Removed Values Added
Description We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw. This vulnerability was fixed in Firefox 152.0.6.
Title Invalid pointer in the JavaScript: WebAssembly component
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-07-14T13:35:17.223Z

Reserved: 2026-07-14T12:15:45.500Z

Link: CVE-2026-15718

cve-icon Vulnrichment

Updated: 2026-07-14T13:35:01.033Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-14T13:30:03Z