CVE-2019-17026
Mozilla Firefox And Thunderbird Type Confusion Vulnerability
CVSS
—
No CVSS
EPSS
43.4%
p99
KEV
YES
Nov 3, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
43.4%EPSS · 30 days46.6%
2026-06-302026-07-16
Product
Mozilla / Firefox and Thunderbird
Vulnerability
Mozilla Firefox And Thunderbird Type Confusion Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-17026
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2013-1690—99.3%
KEV—80Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability—CVE-2019-11708—98.9%
KEV—80Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability—CVE-2019-11707—98.4%
KEV—80Mozilla Firefox and Thunderbird Type Confusion Vulnerability—CVE-2020-6820—92.8%
KEV—78Mozilla Firefox And Thunderbird Use-After-Free Vulnerability—CVE-2020-6819—85.7%
KEV—76Mozilla Firefox And Thunderbird Use-After-Free Vulnerability—