Security Vulnerabilities fixed in Firefox 150.0.3 — Mozilla Mozilla Foundation Security Advisory 2026-45

Created on 2026-05-13 06:44, updated on 2026-05-13 06:44, by Alexandre Dulaunoy

JSON

Description

Security Vulnerabilities fixed in Firefox 150.0.3 — Mozilla

Mozilla Foundation Security Advisory 2026-45

Announced

May 12, 2026

Impact

high

Products

Firefox

Fixed in

Firefox 150.0.3

#CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component

Reporter

ggwhyp

Impact

high

References

Bug 2036978

#CVE-2026-8389: JIT miscompilation in the JavaScript Engine: JIT component

Reporter

ggwhyp

Impact

high

References

Bug 2036983

#CVE-2026-8390: Use-after-free in the JavaScript: WebAssembly component

Reporter

OpenAI Preparedness, Bill Demirkapi

Impact

high

References

Bug 2038081

#CVE-2026-8391: Other issue in the JavaScript Engine component

Reporter

ggwhyp

Impact

high

References

Bug 2038575

#CVE-2026-8401: Sandbox escape in the Profile Backup component

Reporter

ggwhyp

Impact

high

References

Bug 2038679

Vulnerabilities included in this bundle

Combined detection rules

Detection rules are retrieved from Rulezet.

Combined sightings

Author	Vulnerability	Source	Type	Date