CVE-2026-12295: firefox: thunderbird: Sandbox escape in the DOM: Navigation component

Severity: Critical

CVSS Score: 9.6

Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.