Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2026-0497
Vulnerability from csaf_certbund - Published: 2026-02-24 23:00 - Updated: 2026-03-25 23:00Summary
Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Firefox ist ein Open Source Web Browser.
Firefox ist ein Open Source Web Browser.
ESR ist die Variante mit verlängertem Support.
Thunderbird ist ein Open Source E-Mail Client.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuführen, sich erhöhte Rechte zu verschaffen, einen Denial-of-Service-Zustand herbeizuführen, sensible Informationen offenzulegen, Spoofing-Angriffe durchzuführen, Sicherheitsmaßnahmen zu umgehen oder andere nicht spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - MacOS X
- Sonstiges
- UNIX
- Windows
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Firefox ist ein Open Source Web Browser.\r\nFirefox ist ein Open Source Web Browser. \r\nESR ist die Variante mit verl\u00e4ngertem Support.\r\nThunderbird ist ein Open Source E-Mail Client.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuf\u00fchren, sich erh\u00f6hte Rechte zu verschaffen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, sensible Informationen offenzulegen, Spoofing-Angriffe durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen oder andere nicht spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0497 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0497.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0497 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0497"
},
{
"category": "external",
"summary": "MFSA 2026-12 Security Vulnerabilities fixed in Firefox for iOS 147.4 vom 2026-02-24",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-12/"
},
{
"category": "external",
"summary": "MFSA 2026-13 Security Vulnerabilities fixed in Firefox 148 vom 2026-02-24",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/"
},
{
"category": "external",
"summary": "MFSA 2026-14 Security Vulnerabilities fixed in Firefox ESR 115.33 vom 2026-02-24",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14/"
},
{
"category": "external",
"summary": "MFSA 2026-15 Security Vulnerabilities fixed in Firefox ESR 140.8 vom 2026-02-24",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/"
},
{
"category": "external",
"summary": "MFSA 2026-16 Security Vulnerabilities fixed in Thunderbird 148 vom 2026-02-24",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16/"
},
{
"category": "external",
"summary": "MFSA 2026-17 Security Vulnerabilities fixed in Thunderbird 140.8 vom 2026-02-24",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3339 vom 2026-02-25",
"url": "https://access.redhat.com/errata/RHSA-2026:3339"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10242-1 vom 2026-02-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QOYQZDLF7VEL3ZUY46SS34MOSIMJTZ3L/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6148 vom 2026-02-25",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00057.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3361 vom 2026-02-25",
"url": "https://access.redhat.com/errata/RHSA-2026:3361"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3338 vom 2026-02-25",
"url": "https://access.redhat.com/errata/RHSA-2026:3338"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6149 vom 2026-02-26",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00058.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3339 vom 2026-02-27",
"url": "http://linux.oracle.com/errata/ELSA-2026-3339.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3361 vom 2026-02-26",
"url": "https://errata.build.resf.org/RLSA-2026:3361"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3339 vom 2026-02-26",
"url": "https://errata.build.resf.org/RLSA-2026:3339"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3338 vom 2026-02-26",
"url": "https://errata.build.resf.org/RLSA-2026:3338"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3361 vom 2026-02-26",
"url": "https://linux.oracle.com/errata/ELSA-2026-3361.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3338 vom 2026-02-27",
"url": "http://linux.oracle.com/errata/ELSA-2026-3338.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3495 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3495"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3497 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3497"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3493 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3493"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4495 vom 2026-02-28",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00034.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6152 vom 2026-02-28",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00061.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3496 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3496"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3494 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3494"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10257-1 vom 2026-02-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q7GX3YZM5UTV3V2KG6DNS4MDJZ2U7AUP/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3491 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3491"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3492 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3492"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3517 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3517"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3516 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3516"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0740-1 vom 2026-03-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024523.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3515 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3515"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4496 vom 2026-03-02",
"url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00000.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3517 vom 2026-03-03",
"url": "https://linux.oracle.com/errata/ELSA-2026-3517.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3516 vom 2026-03-03",
"url": "https://linux.oracle.com/errata/ELSA-2026-3516.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3515 vom 2026-03-03",
"url": "https://errata.build.resf.org/RLSA-2026:3515"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3516 vom 2026-03-03",
"url": "https://errata.build.resf.org/RLSA-2026:3516"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3515 vom 2026-03-03",
"url": "https://linux.oracle.com/errata/ELSA-2026-3515.html"
},
{
"category": "external",
"summary": "IGEL Security Notice ISN-2026-05 vom 2026-03-03",
"url": "https://kb.igel.com/en/security-safety/current/isn-2026-05-firefox-esr-vulnerabilities"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8071-1 vom 2026-03-04",
"url": "https://ubuntu.com/security/notices/USN-8071-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8071-2 vom 2026-03-05",
"url": "https://ubuntu.com/security/notices/USN-8071-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0814-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024583.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0812-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024584.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0813-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024585.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3978 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3978"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3979 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3979"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3984 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3984"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3980 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3980"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3982 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3982"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3983 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3983"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3981 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4022 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:4022"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3976 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:3976"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4260 vom 2026-03-11",
"url": "https://access.redhat.com/errata/RHSA-2026:4260"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0871-1 vom 2026-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024678.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4432 vom 2026-03-12",
"url": "https://access.redhat.com/errata/RHSA-2026:4432"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0880-1 vom 2026-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024685.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3198 vom 2026-03-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3198.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2FIREFOX-2026-054 vom 2026-03-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2FIREFOX-2026-054.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4508 vom 2026-03-25",
"url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00012.html"
}
],
"source_lang": "en-US",
"title": "Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-25T23:00:00.000+00:00",
"generator": {
"date": "2026-03-26T08:07:55.809+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0497",
"initial_release_date": "2026-02-24T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-02-24T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-02-25T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE, Debian und Red Hat aufgenommen"
},
{
"date": "2026-02-26T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian, Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat, Debian und openSUSE aufgenommen"
},
{
"date": "2026-03-02T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE, Red Hat, Debian und Oracle Linux aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2026-03-08T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-09T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-10T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2026-03-12T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-19T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Debian aufgenommen"
}
],
"status": "final",
"version": "14"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "IGEL OS",
"product": {
"name": "IGEL OS",
"product_id": "T017865",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:-"
}
}
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "iOS \u003c147.4",
"product": {
"name": "Mozilla Firefox iOS \u003c147.4",
"product_id": "T051133"
}
},
{
"category": "product_version",
"name": "iOS 147.4",
"product": {
"name": "Mozilla Firefox iOS 147.4",
"product_id": "T051133-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox:ios__147.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c148",
"product": {
"name": "Mozilla Firefox \u003c148",
"product_id": "T051135"
}
},
{
"category": "product_version",
"name": "148",
"product": {
"name": "Mozilla Firefox 148",
"product_id": "T051135-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox:148"
}
}
}
],
"category": "product_name",
"name": "Firefox"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c115.33",
"product": {
"name": "Mozilla Firefox ESR \u003c115.33",
"product_id": "T051136"
}
},
{
"category": "product_version",
"name": "115.33",
"product": {
"name": "Mozilla Firefox ESR 115.33",
"product_id": "T051136-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox_esr:115.33"
}
}
},
{
"category": "product_version_range",
"name": "\u003c140.8",
"product": {
"name": "Mozilla Firefox ESR \u003c140.8",
"product_id": "T051137"
}
},
{
"category": "product_version",
"name": "140.8",
"product": {
"name": "Mozilla Firefox ESR 140.8",
"product_id": "T051137-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox_esr:140.8"
}
}
}
],
"category": "product_name",
"name": "Firefox ESR"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c148",
"product": {
"name": "Mozilla Thunderbird \u003c148",
"product_id": "T051138"
}
},
{
"category": "product_version",
"name": "148",
"product": {
"name": "Mozilla Thunderbird 148",
"product_id": "T051138-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:thunderbird:148"
}
}
},
{
"category": "product_version_range",
"name": "\u003c140.8",
"product": {
"name": "Mozilla Thunderbird \u003c140.8",
"product_id": "T051139"
}
},
{
"category": "product_version",
"name": "140.8",
"product": {
"name": "Mozilla Thunderbird 140.8",
"product_id": "T051139-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:thunderbird:140.8"
}
}
}
],
"category": "product_name",
"name": "Thunderbird"
}
],
"category": "vendor",
"name": "Mozilla"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-2634",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2634"
},
{
"cve": "CVE-2026-2757",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2757"
},
{
"cve": "CVE-2026-2758",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2758"
},
{
"cve": "CVE-2026-2759",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2759"
},
{
"cve": "CVE-2026-2760",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2760"
},
{
"cve": "CVE-2026-2761",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2761"
},
{
"cve": "CVE-2026-2762",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2762"
},
{
"cve": "CVE-2026-2763",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2763"
},
{
"cve": "CVE-2026-2764",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2764"
},
{
"cve": "CVE-2026-2765",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2765"
},
{
"cve": "CVE-2026-2766",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2766"
},
{
"cve": "CVE-2026-2767",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2767"
},
{
"cve": "CVE-2026-2768",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2768"
},
{
"cve": "CVE-2026-2769",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2769"
},
{
"cve": "CVE-2026-2770",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2770"
},
{
"cve": "CVE-2026-2771",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2771"
},
{
"cve": "CVE-2026-2772",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2772"
},
{
"cve": "CVE-2026-2773",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2773"
},
{
"cve": "CVE-2026-2774",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2774"
},
{
"cve": "CVE-2026-2775",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2775"
},
{
"cve": "CVE-2026-2776",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2776"
},
{
"cve": "CVE-2026-2777",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2777"
},
{
"cve": "CVE-2026-2778",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2778"
},
{
"cve": "CVE-2026-2779",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2779"
},
{
"cve": "CVE-2026-2780",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2780"
},
{
"cve": "CVE-2026-2781",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2781"
},
{
"cve": "CVE-2026-2782",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2782"
},
{
"cve": "CVE-2026-2783",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2783"
},
{
"cve": "CVE-2026-2784",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2784"
},
{
"cve": "CVE-2026-2785",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2785"
},
{
"cve": "CVE-2026-2786",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2786"
},
{
"cve": "CVE-2026-2787",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2787"
},
{
"cve": "CVE-2026-2788",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2788"
},
{
"cve": "CVE-2026-2789",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2789"
},
{
"cve": "CVE-2026-2790",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2790"
},
{
"cve": "CVE-2026-2791",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2791"
},
{
"cve": "CVE-2026-2792",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2792"
},
{
"cve": "CVE-2026-2793",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2793"
},
{
"cve": "CVE-2026-2794",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2794"
},
{
"cve": "CVE-2026-2795",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2795"
},
{
"cve": "CVE-2026-2796",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2796"
},
{
"cve": "CVE-2026-2797",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2797"
},
{
"cve": "CVE-2026-2798",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2798"
},
{
"cve": "CVE-2026-2799",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2799"
},
{
"cve": "CVE-2026-2800",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2800"
},
{
"cve": "CVE-2026-2801",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2801"
},
{
"cve": "CVE-2026-2802",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2802"
},
{
"cve": "CVE-2026-2803",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2803"
},
{
"cve": "CVE-2026-2804",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2804"
},
{
"cve": "CVE-2026-2805",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2805"
},
{
"cve": "CVE-2026-2806",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2806"
},
{
"cve": "CVE-2026-2807",
"product_status": {
"known_affected": [
"67646",
"T051137",
"T051136",
"T051139",
"T051138",
"T004914",
"T051133",
"T032255",
"T051135",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363"
]
},
"release_date": "2026-02-24T23:00:00.000+00:00",
"title": "CVE-2026-2807"
}
]
}
CVE-2026-2801 (GCVE-0-2026-2801)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Incorrect boundary conditions in the JavaScript: WebAssembly component
Summary
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
7.5 (High)
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Kanaru Sato
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:04:41.050210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:50:24.195Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kanaru Sato"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:26.297Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009901"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Incorrect boundary conditions in the JavaScript: WebAssembly component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2801",
"datePublished": "2026-02-24T13:33:29.929Z",
"dateReserved": "2026-02-19T15:06:54.497Z",
"dateUpdated": "2026-04-13T13:54:26.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2764 (GCVE-0-2026-2764)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
Summary
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:27:58.171528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:29:08.622Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:30.063Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012608"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "JIT miscompilation, use-after-free in the JavaScript Engine: JIT component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2764",
"datePublished": "2026-02-24T13:33:03.207Z",
"dateReserved": "2026-02-19T15:05:32.669Z",
"dateUpdated": "2026-04-13T13:52:30.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2782 (GCVE-0-2026-2782)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Privilege escalation in the Netmonitor component
Summary
Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Cody
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:55:58.916536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Cody"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:27.919Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010743"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Privilege escalation in the Netmonitor component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2782",
"datePublished": "2026-02-24T13:33:16.262Z",
"dateReserved": "2026-02-19T15:06:15.435Z",
"dateUpdated": "2026-04-13T13:53:27.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2781 (GCVE-0-2026-2781)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Integer overflow in the Libraries component in NSS
Summary
Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Clay Ver Valen
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:07:29.760093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:07:34.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-03-25T16:26:01.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Clay Ver Valen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:25.426Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009552"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Integer overflow in the Libraries component in NSS"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2781",
"datePublished": "2026-02-24T13:33:15.551Z",
"dateReserved": "2026-02-19T15:06:13.592Z",
"dateUpdated": "2026-04-13T13:53:25.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2803 (GCVE-0-2026-2803)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Information disclosure, mitigation bypass in the Settings UI component
Summary
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
7.5 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Skywarp
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:00:43.091717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:01:27.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Skywarp"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information disclosure, mitigation bypass in the Settings UI component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Information disclosure, mitigation bypass in the Settings UI component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:31.077Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012012"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Information disclosure, mitigation bypass in the Settings UI component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2803",
"datePublished": "2026-02-24T13:33:31.491Z",
"dateReserved": "2026-02-19T15:06:58.944Z",
"dateUpdated": "2026-04-13T13:54:31.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2775 (GCVE-0-2026-2775)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Mitigation bypass in the DOM: HTML Parser component
Summary
Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:20:30.575524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:21:34.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:46.171Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015199"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Mitigation bypass in the DOM: HTML Parser component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2775",
"datePublished": "2026-02-24T13:33:11.553Z",
"dateReserved": "2026-02-19T15:05:58.825Z",
"dateUpdated": "2026-04-13T13:52:46.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2763 (GCVE-0-2026-2763)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-15 15:39
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine component
Summary
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:25:44.670526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T15:39:44.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:27.511Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012018"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2763",
"datePublished": "2026-02-24T13:33:02.514Z",
"dateReserved": "2026-02-19T15:05:29.821Z",
"dateUpdated": "2026-04-15T15:39:44.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2791 (GCVE-0-2026-2791)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Mitigation bypass in the Networking: Cache component
Summary
Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:10:15.651384Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:10:50.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:48.081Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015220"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Mitigation bypass in the Networking: Cache component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2791",
"datePublished": "2026-02-24T13:33:22.237Z",
"dateReserved": "2026-02-19T15:06:35.590Z",
"dateUpdated": "2026-04-13T13:53:48.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2789 (GCVE-0-2026-2789)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Use-after-free in the Graphics: ImageLib component
Summary
Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2789",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:15:58.191851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:50.078Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:00.745Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015179"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the Graphics: ImageLib component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2789",
"datePublished": "2026-02-24T13:33:20.961Z",
"dateReserved": "2026-02-19T15:06:31.096Z",
"dateUpdated": "2026-04-13T13:53:00.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2802 (GCVE-0-2026-2802)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Race condition in the JavaScript: GC component
Summary
Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
4.2 (Medium)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Gary Kwong
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2802",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T15:56:29.941950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T15:56:58.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gary Kwong"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:28.482Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011069"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Race condition in the JavaScript: GC component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2802",
"datePublished": "2026-02-24T13:33:30.784Z",
"dateReserved": "2026-02-19T15:06:56.714Z",
"dateUpdated": "2026-04-13T13:54:28.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2759 (GCVE-0-2026-2759)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:32 – Updated: 2026-04-15 15:38
VLAI?
EPSS
Title
Incorrect boundary conditions in the Graphics: ImageLib component
Summary
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-1384 - Improper Handling of Physical or Environmental Conditions
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Steven Julian
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:46:43.395477Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1384",
"description": "CWE-1384 Improper Handling of Physical or Environmental Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T15:38:00.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Steven Julian"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:21.286Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010933"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Graphics: ImageLib component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2759",
"datePublished": "2026-02-24T13:32:59.173Z",
"dateReserved": "2026-02-19T15:05:20.862Z",
"dateUpdated": "2026-04-15T15:38:00.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2796 (GCVE-0-2026-2796)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
JIT miscompilation in the JavaScript: WebAssembly component
Summary
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
9.8 (Critical)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T20:50:44.431364Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T20:52:22.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:13.816Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013165"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "JIT miscompilation in the JavaScript: WebAssembly component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2796",
"datePublished": "2026-02-24T13:33:26.775Z",
"dateReserved": "2026-02-19T15:06:43.289Z",
"dateUpdated": "2026-04-13T13:54:13.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2792 (GCVE-0-2026-2792)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
Summary
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Andrew McCreight, Maurice Dauer, Olli Pettay, Ryan Hunt
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2792",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:55:57.483447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.644Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrew McCreight, Maurice Dauer, Olli Pettay, Ryan Hunt"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:50.518Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2792",
"datePublished": "2026-02-24T13:33:22.842Z",
"dateReserved": "2026-02-19T15:06:37.841Z",
"dateUpdated": "2026-04-13T13:53:50.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2758 (GCVE-0-2026-2758)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:32 – Updated: 2026-04-15 15:37
VLAI?
EPSS
Title
Use-after-free in the JavaScript: GC component
Summary
Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Gary Kwong
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:44:21.619796Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T15:37:39.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gary Kwong"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:19.199Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009608"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript: GC component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2758",
"datePublished": "2026-02-24T13:32:58.501Z",
"dateReserved": "2026-02-19T15:05:18.397Z",
"dateUpdated": "2026-04-15T15:37:39.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2780 (GCVE-0-2026-2780)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Privilege escalation in the Netmonitor component
Summary
Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
RyotaK of GMO Flatt Security Inc.
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:56:05.296618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:23.298Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2007829"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Privilege escalation in the Netmonitor component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2780",
"datePublished": "2026-02-24T13:33:14.850Z",
"dateReserved": "2026-02-19T15:06:11.352Z",
"dateUpdated": "2026-04-13T13:53:23.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2771 (GCVE-0-2026-2771)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Undefined behavior in the DOM: Core & HTML component
Summary
Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T01:45:06.873601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T15:19:30.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Undefined behavior in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Undefined behavior in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:37.299Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014593"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Undefined behavior in the DOM: Core \u0026 HTML component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2771",
"datePublished": "2026-02-24T13:33:08.538Z",
"dateReserved": "2026-02-19T15:05:48.804Z",
"dateUpdated": "2026-04-13T13:52:37.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2785 (GCVE-0-2026-2785)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Invalid pointer in the JavaScript Engine component
Summary
Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:06:44.652338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:06:49.232Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:37.061Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013549"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Invalid pointer in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2785",
"datePublished": "2026-02-24T13:33:18.254Z",
"dateReserved": "2026-02-19T15:06:21.995Z",
"dateUpdated": "2026-04-13T13:53:37.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2762 (GCVE-0-2026-2762)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-15 15:39
VLAI?
EPSS
Title
Integer overflow in the JavaScript: Standard Library component
Summary
Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
André Bargull
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:24:03.909176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T15:39:20.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andr\u00e9 Bargull"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:10.269Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011649"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Integer overflow in the JavaScript: Standard Library component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2762",
"datePublished": "2026-02-24T13:33:01.761Z",
"dateReserved": "2026-02-19T15:05:27.383Z",
"dateUpdated": "2026-04-15T15:39:20.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2784 (GCVE-0-2026-2784)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Mitigation bypass in the DOM: Security component
Summary
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
D. Santos
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:13:23.268966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:14:35.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "D. Santos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:34.499Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012984"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Mitigation bypass in the DOM: Security component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2784",
"datePublished": "2026-02-24T13:33:17.554Z",
"dateReserved": "2026-02-19T15:06:19.739Z",
"dateUpdated": "2026-04-13T13:53:34.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2773 (GCVE-0-2026-2773)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Incorrect boundary conditions in the Web Audio component
Summary
Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:37:52.446135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:38:52.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:41.764Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014832"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Web Audio component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2773",
"datePublished": "2026-02-24T13:33:10.177Z",
"dateReserved": "2026-02-19T15:05:53.926Z",
"dateUpdated": "2026-04-13T13:52:41.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2798 (GCVE-0-2026-2798)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Use-after-free in the DOM: Core & HTML component
Summary
Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2798",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T18:24:51.747768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T18:25:31.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Use-after-free in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:19.927Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014136"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Use-after-free in the DOM: Core \u0026 HTML component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2798",
"datePublished": "2026-02-24T13:33:28.034Z",
"dateReserved": "2026-02-19T15:06:47.628Z",
"dateUpdated": "2026-04-13T13:54:19.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2799 (GCVE-0-2026-2799)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Use-after-free in the DOM: Core & HTML component
Summary
Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2799",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:15:46.216517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:49.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Use-after-free in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:22.045Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014551"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Use-after-free in the DOM: Core \u0026 HTML component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2799",
"datePublished": "2026-02-24T13:33:28.665Z",
"dateReserved": "2026-02-19T15:06:49.658Z",
"dateUpdated": "2026-04-13T13:54:22.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2795 (GCVE-0-2026-2795)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Use-after-free in the JavaScript: GC component
Summary
Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
x0e
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2795",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:15:53.348860Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:49.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "x0e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:11.193Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010940"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Use-after-free in the JavaScript: GC component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2795",
"datePublished": "2026-02-24T13:33:26.111Z",
"dateReserved": "2026-02-19T15:06:41.117Z",
"dateUpdated": "2026-04-13T13:54:11.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2807 (GCVE-0-2026-2807)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Memory safety bugs fixed in Firefox 148 and Thunderbird 148
Summary
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
9.8 (Critical)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Agi Sferro, Andrew McCreight, Randell Jesup, Tom Schuster
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:55:41.912370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Agi Sferro, Andrew McCreight, Randell Jesup, Tom Schuster"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:40.828Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox 148 and Thunderbird 148",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1756056%2C1999402%2C2004872%2C2006037%2C2012855"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Memory safety bugs fixed in Firefox 148 and Thunderbird 148"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2807",
"datePublished": "2026-02-24T13:33:34.035Z",
"dateReserved": "2026-02-19T15:07:07.640Z",
"dateUpdated": "2026-04-13T13:54:40.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2793 (GCVE-0-2026-2793)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
Summary
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Andrew McCreight, Christian Holler
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2793",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:55:55.876404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrew McCreight, Christian Holler"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:03.837Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2793",
"datePublished": "2026-02-24T13:33:23.571Z",
"dateReserved": "2026-02-19T15:06:38.377Z",
"dateUpdated": "2026-04-13T13:53:03.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2777 (GCVE-0-2026-2777)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Privilege escalation in the Messaging System component
Summary
Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Richard Belisle
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:56:06.730737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:09.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Richard Belisle"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:51.037Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015305"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Privilege escalation in the Messaging System component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2777",
"datePublished": "2026-02-24T13:33:12.869Z",
"dateReserved": "2026-02-19T15:06:03.824Z",
"dateUpdated": "2026-04-13T13:52:51.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2788 (GCVE-0-2026-2788)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Incorrect boundary conditions in the Audio/Video: GMP component
Summary
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:11:58.735838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:12:31.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:58.431Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014824"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Audio/Video: GMP component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2788",
"datePublished": "2026-02-24T13:33:20.287Z",
"dateReserved": "2026-02-19T15:06:29.079Z",
"dateUpdated": "2026-04-13T13:52:58.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2770 (GCVE-0-2026-2770)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Use-after-free in the DOM: Bindings (WebIDL) component
Summary
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:16:08.897990Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:50.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:34.610Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014585"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the DOM: Bindings (WebIDL) component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2770",
"datePublished": "2026-02-24T13:33:07.898Z",
"dateReserved": "2026-02-19T15:05:46.768Z",
"dateUpdated": "2026-04-13T13:52:34.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2767 (GCVE-0-2026-2767)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Use-after-free in the JavaScript: WebAssembly component
Summary
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:10:23.640186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:10:59.598Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:16.679Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013741"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript: WebAssembly component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2767",
"datePublished": "2026-02-24T13:33:05.551Z",
"dateReserved": "2026-02-19T15:05:39.633Z",
"dateUpdated": "2026-04-13T13:53:16.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2772 (GCVE-0-2026-2772)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Use-after-free in the Audio/Video: Playback component
Summary
Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2772",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:16:03.154809Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:50.266Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:39.456Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014827"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the Audio/Video: Playback component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2772",
"datePublished": "2026-02-24T13:33:09.181Z",
"dateReserved": "2026-02-19T15:05:51.470Z",
"dateUpdated": "2026-04-13T13:52:39.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2760 (GCVE-0-2026-2760)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-15 15:38
VLAI?
EPSS
Title
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
Summary
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
10 (Critical)
CWE
- CWE-1384 - Improper Handling of Physical or Environmental Conditions
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Oskar L
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2760",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:49:35.987873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1384",
"description": "CWE-1384 Improper Handling of Physical or Environmental Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T15:38:19.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Oskar L"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:23.200Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011062"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2760",
"datePublished": "2026-02-24T13:33:00.290Z",
"dateReserved": "2026-02-19T15:05:23.107Z",
"dateUpdated": "2026-04-15T15:38:19.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2761 (GCVE-0-2026-2761)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-15 15:38
VLAI?
EPSS
Title
Sandbox escape in the Graphics: WebRender component
Summary
Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
10 (Critical)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Oskar L
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2761",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:52:27.559542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T15:38:48.489Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Oskar L"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:25.428Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011063"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape in the Graphics: WebRender component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2761",
"datePublished": "2026-02-24T13:33:01.011Z",
"dateReserved": "2026-02-19T15:05:25.145Z",
"dateUpdated": "2026-04-15T15:38:48.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2776 (GCVE-0-2026-2776)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
Summary
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
10 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:19:08.973804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:19:44.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:48.532Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015266"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2776",
"datePublished": "2026-02-24T13:33:12.247Z",
"dateReserved": "2026-02-19T15:06:01.828Z",
"dateUpdated": "2026-04-13T13:52:48.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2766 (GCVE-0-2026-2766)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine: JIT component
Summary
Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:31:58.549905Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:32:50.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:14.602Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013583"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine: JIT component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2766",
"datePublished": "2026-02-24T13:33:04.946Z",
"dateReserved": "2026-02-19T15:05:37.180Z",
"dateUpdated": "2026-04-13T13:53:14.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2757 (GCVE-0-2026-2757)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:32 – Updated: 2026-04-14 15:11
VLAI?
EPSS
Title
Incorrect boundary conditions in the WebRTC: Audio/Video component
Summary
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-1384 - Improper Handling of Physical or Environmental Conditions
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Igor Morgenstern
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:39:17.644870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1384",
"description": "CWE-1384 Improper Handling of Physical or Environmental Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:11:01.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Igor Morgenstern"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:17.175Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2001637"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the WebRTC: Audio/Video component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2757",
"datePublished": "2026-02-24T13:32:57.740Z",
"dateReserved": "2026-02-19T15:05:16.301Z",
"dateUpdated": "2026-04-14T15:11:01.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2769 (GCVE-0-2026-2769)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Use-after-free in the Storage: IndexedDB component
Summary
Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T14:20:50.862453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T14:21:09.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:32.795Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014550"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the Storage: IndexedDB component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2769",
"datePublished": "2026-02-24T13:33:06.912Z",
"dateReserved": "2026-02-19T15:05:44.343Z",
"dateUpdated": "2026-04-13T13:52:32.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2786 (GCVE-0-2026-2786)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine component
Summary
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2786",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:03:48.457816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:04:22.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:40.663Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013612"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2786",
"datePublished": "2026-02-24T13:33:18.980Z",
"dateReserved": "2026-02-19T15:06:24.424Z",
"dateUpdated": "2026-04-13T13:53:40.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2800 (GCVE-0-2026-2800)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Spoofing issue in the WebAuthn component in Firefox for Android
Summary
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
9.8 (Critical)
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
hafiizh & kang ali
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2800",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:34:18.835950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:34:47.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "hafiizh \u0026 kang ali"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:24.117Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988145"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Spoofing issue in the WebAuthn component in Firefox for Android"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2800",
"datePublished": "2026-02-24T13:33:29.312Z",
"dateReserved": "2026-02-19T15:06:52.343Z",
"dateUpdated": "2026-04-13T13:54:24.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2634 (GCVE-0-2026-2634)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Spoofed web content presented under trusted domains using scripted navigation on Firefox iOS
Summary
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4.
Severity ?
9.8 (Critical)
CWE
- CWE-451 - User Interface (UI) Misrepresentation of Critical Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mozilla | Firefox for iOS |
Unaffected:
147.4 , ≤ *
(rpm)
|
Credits
Renwa
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-27T20:55:08.919904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-451",
"description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T20:55:35.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox for iOS",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "147.4",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Renwa"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4."
}
],
"value": "Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:52.498Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1975529"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-12/"
}
],
"title": "Spoofed web content presented under trusted domains using scripted navigation on Firefox iOS"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2634",
"datePublished": "2026-02-24T13:33:24.725Z",
"dateReserved": "2026-02-17T18:31:35.581Z",
"dateUpdated": "2026-04-13T13:53:52.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2794 (GCVE-0-2026-2794)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android
Summary
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148.
Severity ?
6.5 (Medium)
CWE
- CWE-908 - Use of Uninitialized Resource
Assigner
References
Credits
Steven Julian
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2794",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:18:03.470831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:18:07.820Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Steven Julian"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148."
}
],
"value": "Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:08.870Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2008365"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
}
],
"title": "Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2794",
"datePublished": "2026-02-24T13:33:25.399Z",
"dateReserved": "2026-02-19T15:06:38.903Z",
"dateUpdated": "2026-04-13T13:54:08.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2797 (GCVE-0-2026-2797)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Use-after-free in the JavaScript: GC component
Summary
Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2797",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:15:49.739295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:49.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:17.607Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013561"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Use-after-free in the JavaScript: GC component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2797",
"datePublished": "2026-02-24T13:33:27.406Z",
"dateReserved": "2026-02-19T15:06:45.386Z",
"dateUpdated": "2026-04-13T13:54:17.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2768 (GCVE-0-2026-2768)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Sandbox escape in the Storage: IndexedDB component
Summary
Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
10 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T21:02:57.231055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T21:05:03.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:18.772Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014101"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape in the Storage: IndexedDB component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2768",
"datePublished": "2026-02-24T13:33:06.258Z",
"dateReserved": "2026-02-19T15:05:41.880Z",
"dateUpdated": "2026-04-13T13:53:18.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2774 (GCVE-0-2026-2774)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Integer overflow in the Audio/Video component
Summary
Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:21:15.368021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:21:19.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:44.181Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014883"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Integer overflow in the Audio/Video component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2774",
"datePublished": "2026-02-24T13:33:10.821Z",
"dateReserved": "2026-02-19T15:05:56.372Z",
"dateUpdated": "2026-04-13T13:52:44.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2778 (GCVE-0-2026-2778)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component
Summary
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
10 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2778",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:17:17.791021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:18:10.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape due to incorrect boundary conditions in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Sandbox escape due to incorrect boundary conditions in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:53.411Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016358"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape due to incorrect boundary conditions in the DOM: Core \u0026 HTML component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2778",
"datePublished": "2026-02-24T13:33:13.564Z",
"dateReserved": "2026-02-19T15:06:06.469Z",
"dateUpdated": "2026-04-13T13:52:53.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2787 (GCVE-0-2026-2787)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:52
VLAI?
EPSS
Title
Use-after-free in the DOM: Window and Location component
Summary
Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
115.33 , ≤ 115.*
(rpm)
Unaffected: 140.8 , ≤ 140.* (rpm) Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2787",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:02:37.287928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:02:41.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "115.*",
"status": "unaffected",
"version": "115.33",
"versionType": "rpm"
},
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:52:56.351Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014560"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the DOM: Window and Location component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2787",
"datePublished": "2026-02-24T13:33:19.579Z",
"dateReserved": "2026-02-19T15:06:26.851Z",
"dateUpdated": "2026-04-13T13:52:56.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2806 (GCVE-0-2026-2806)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Uninitialized memory in the Graphics: Text component
Summary
Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
9.1 (Critical)
CWE
- CWE-457 - Use of Uninitialized Variable
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Zijie Zhao
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T21:23:50.824307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457 Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T21:29:33.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Zijie Zhao"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:38.306Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2006199"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Uninitialized memory in the Graphics: Text component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2806",
"datePublished": "2026-02-24T13:33:33.407Z",
"dateReserved": "2026-02-19T15:07:05.634Z",
"dateUpdated": "2026-04-13T13:54:38.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2779 (GCVE-0-2026-2779)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Incorrect boundary conditions in the Networking: JAR component
Summary
Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Alex Mayorga
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:15:18.517530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:16:09.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alex Mayorga"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:21.075Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1164141"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Networking: JAR component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2779",
"datePublished": "2026-02-24T13:33:14.195Z",
"dateReserved": "2026-02-19T15:06:08.909Z",
"dateUpdated": "2026-04-13T13:53:21.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2804 (GCVE-0-2026-2804)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Use-after-free in the JavaScript: WebAssembly component
Summary
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
5.4 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T15:55:39.007594Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T15:56:04.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:33.221Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013584"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Use-after-free in the JavaScript: WebAssembly component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2804",
"datePublished": "2026-02-24T13:33:32.144Z",
"dateReserved": "2026-02-19T15:07:01.585Z",
"dateUpdated": "2026-04-13T13:54:33.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2765 (GCVE-0-2026-2765)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine component
Summary
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:30:09.342761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:31:24.689Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:12.398Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013562"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2765",
"datePublished": "2026-02-24T13:33:03.943Z",
"dateReserved": "2026-02-19T15:05:35.131Z",
"dateUpdated": "2026-04-13T13:53:12.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2805 (GCVE-0-2026-2805)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:54
VLAI?
EPSS
Title
Invalid pointer in the DOM: Core & HTML component
Summary
Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Severity ?
9.8 (Critical)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
148 , ≤ *
(rpm)
|
|||||||
|
|||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2805",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T21:28:52.364276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T21:30:08.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Invalid pointer in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"value": "Invalid pointer in the DOM: Core \u0026 HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:54:35.780Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014549"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
}
],
"title": "Invalid pointer in the DOM: Core \u0026 HTML component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2805",
"datePublished": "2026-02-24T13:33:32.768Z",
"dateReserved": "2026-02-19T15:07:03.616Z",
"dateUpdated": "2026-04-13T13:54:35.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2783 (GCVE-0-2026-2783)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component
Summary
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
6.5 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
x0e
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2783",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:09:59.675929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:10:05.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "x0e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:30.360Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010943"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2783",
"datePublished": "2026-02-24T13:33:16.921Z",
"dateReserved": "2026-02-19T15:06:17.478Z",
"dateUpdated": "2026-04-13T13:53:30.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2790 (GCVE-0-2026-2790)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-04-13 13:53
VLAI?
EPSS
Title
Same-origin policy bypass in the Networking: JAR component
Summary
Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
Severity ?
8.8 (High)
CWE
- CWE-346 - Origin Validation Error
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Unaffected:
140.8 , ≤ 140.*
(rpm)
Unaffected: 148 , ≤ * (rpm) |
|||||||
|
|||||||||
Credits
Surya Dev Singh
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:20:32.030296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:20:36.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThanOrEqual": "140.*",
"status": "unaffected",
"version": "140.8",
"versionType": "rpm"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "148",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Surya Dev Singh"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"value": "Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:53:42.980Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2008426"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Same-origin policy bypass in the Networking: JAR component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2790",
"datePublished": "2026-02-24T13:33:21.600Z",
"dateReserved": "2026-02-19T15:06:33.357Z",
"dateUpdated": "2026-04-13T13:53:42.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…