Action not permitted
Modal body text goes here.
Modal Title
Modal Body
alsa-2026:3517
Vulnerability from osv_almalinux
Published
2026-03-02 00:00
Modified
2026-03-05 07:45
Summary
Important: thunderbird security update
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)
- firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785)
- firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2793)
- firefox: Undefined behavior in the DOM: Core & HTML component (CVE-2026-2771)
- firefox: Integer overflow in the Audio/Video component (CVE-2026-2774)
- firefox: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (CVE-2026-2776)
- firefox: Integer overflow in the Libraries component in NSS (CVE-2026-2781)
- firefox: Use-after-free in the JavaScript Engine: JIT component (CVE-2026-2766)
- firefox: Use-after-free in the Storage: IndexedDB component (CVE-2026-2769)
- firefox: Use-after-free in the DOM: Window and Location component (CVE-2026-2787)
- firefox: Sandbox escape in the Storage: IndexedDB component (CVE-2026-2768)
- firefox: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-2783)
- firefox: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-2788)
- firefox: Mitigation bypass in the DOM: Security component (CVE-2026-2784)
- firefox: Incorrect boundary conditions in the Graphics: ImageLib component (CVE-2026-2759)
- firefox: Integer overflow in the JavaScript: Standard Library component (CVE-2026-2762)
- firefox: Sandbox escape in the Graphics: WebRender component (CVE-2026-2761)
- firefox: Privilege escalation in the Messaging System component (CVE-2026-2777)
- firefox: Same-origin policy bypass in the Networking: JAR component (CVE-2026-2790)
- firefox: Mitigation bypass in the DOM: HTML Parser component (CVE-2026-2775)
- firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2763)
- firefox: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2792)
- firefox: Incorrect boundary conditions in the Web Audio component (CVE-2026-2773)
- firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2786)
- firefox: Use-after-free in the Graphics: ImageLib component (CVE-2026-2789)
- firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Audio/Video component (CVE-2026-2757)
- firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component (CVE-2026-2760)
- firefox: Use-after-free in the Audio/Video: Playback component (CVE-2026-2772)
- firefox: Incorrect boundary conditions in the Networking: JAR component (CVE-2026-2779)
- firefox: Use-after-free in the JavaScript: WebAssembly component (CVE-2026-2767)
- firefox: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component (CVE-2026-2764)
- firefox: Privilege escalation in the Netmonitor component (CVE-2026-2782)
- firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2765)
- firefox: Privilege escalation in the Netmonitor component (CVE-2026-2780)
- firefox: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component (CVE-2026-2778)
- firefox: Use-after-free in the JavaScript: GC component (CVE-2026-2758)
- firefox: Mitigation bypass in the Networking: Cache component (CVE-2026-2791)
- firefox: Use-after-free in the DOM: Bindings (WebIDL) component (CVE-2026-2770)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "thunderbird"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "140.8.0-2.el10_1.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Mozilla Thunderbird is a standalone mail and newsgroup client. \n\nSecurity Fix(es): \n\n * libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)\n * firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785)\n * firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2793)\n * firefox: Undefined behavior in the DOM: Core \u0026 HTML component (CVE-2026-2771)\n * firefox: Integer overflow in the Audio/Video component (CVE-2026-2774)\n * firefox: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (CVE-2026-2776)\n * firefox: Integer overflow in the Libraries component in NSS (CVE-2026-2781)\n * firefox: Use-after-free in the JavaScript Engine: JIT component (CVE-2026-2766)\n * firefox: Use-after-free in the Storage: IndexedDB component (CVE-2026-2769)\n * firefox: Use-after-free in the DOM: Window and Location component (CVE-2026-2787)\n * firefox: Sandbox escape in the Storage: IndexedDB component (CVE-2026-2768)\n * firefox: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-2783)\n * firefox: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-2788)\n * firefox: Mitigation bypass in the DOM: Security component (CVE-2026-2784)\n * firefox: Incorrect boundary conditions in the Graphics: ImageLib component (CVE-2026-2759)\n * firefox: Integer overflow in the JavaScript: Standard Library component (CVE-2026-2762)\n * firefox: Sandbox escape in the Graphics: WebRender component (CVE-2026-2761)\n * firefox: Privilege escalation in the Messaging System component (CVE-2026-2777)\n * firefox: Same-origin policy bypass in the Networking: JAR component (CVE-2026-2790)\n * firefox: Mitigation bypass in the DOM: HTML Parser component (CVE-2026-2775)\n * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2763)\n * firefox: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2792)\n * firefox: Incorrect boundary conditions in the Web Audio component (CVE-2026-2773)\n * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2786)\n * firefox: Use-after-free in the Graphics: ImageLib component (CVE-2026-2789)\n * firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Audio/Video component (CVE-2026-2757)\n * firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component (CVE-2026-2760)\n * firefox: Use-after-free in the Audio/Video: Playback component (CVE-2026-2772)\n * firefox: Incorrect boundary conditions in the Networking: JAR component (CVE-2026-2779)\n * firefox: Use-after-free in the JavaScript: WebAssembly component (CVE-2026-2767)\n * firefox: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component (CVE-2026-2764)\n * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2782)\n * firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2765)\n * firefox: Privilege escalation in the Netmonitor component (CVE-2026-2780)\n * firefox: Sandbox escape due to incorrect boundary conditions in the DOM: Core \u0026 HTML component (CVE-2026-2778)\n * firefox: Use-after-free in the JavaScript: GC component (CVE-2026-2758)\n * firefox: Mitigation bypass in the Networking: Cache component (CVE-2026-2791)\n * firefox: Use-after-free in the DOM: Bindings (WebIDL) component (CVE-2026-2770)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:3517",
"modified": "2026-03-05T07:45:44Z",
"published": "2026-03-02T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:3517"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2447"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2757"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2758"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2759"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2760"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2761"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2762"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2763"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2764"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2765"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2766"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2767"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2768"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2769"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2770"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2771"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2772"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2773"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2774"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2775"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2776"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2777"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2778"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2779"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2780"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2781"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2782"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2783"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2784"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2785"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2786"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2787"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2788"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2789"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2790"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2791"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2792"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-2793"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2440219"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442284"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442287"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442288"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442290"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442291"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442292"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442294"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442295"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442297"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442298"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442300"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442302"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442304"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442307"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442308"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442309"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442312"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442313"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442314"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442316"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442318"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442319"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442320"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442322"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442324"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442325"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442326"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442327"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442328"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442329"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442331"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442333"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442334"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442335"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442337"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442342"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2442343"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/10/ALSA-2026-3517.html"
}
],
"related": [
"CVE-2026-2447",
"CVE-2026-2785",
"CVE-2026-2793",
"CVE-2026-2771",
"CVE-2026-2774",
"CVE-2026-2776",
"CVE-2026-2781",
"CVE-2026-2766",
"CVE-2026-2769",
"CVE-2026-2787",
"CVE-2026-2768",
"CVE-2026-2783",
"CVE-2026-2788",
"CVE-2026-2784",
"CVE-2026-2759",
"CVE-2026-2762",
"CVE-2026-2761",
"CVE-2026-2777",
"CVE-2026-2790",
"CVE-2026-2775",
"CVE-2026-2763",
"CVE-2026-2792",
"CVE-2026-2773",
"CVE-2026-2786",
"CVE-2026-2789",
"CVE-2026-2757",
"CVE-2026-2760",
"CVE-2026-2772",
"CVE-2026-2779",
"CVE-2026-2767",
"CVE-2026-2764",
"CVE-2026-2782",
"CVE-2026-2765",
"CVE-2026-2780",
"CVE-2026-2778",
"CVE-2026-2758",
"CVE-2026-2791",
"CVE-2026-2770"
],
"summary": "Important: thunderbird security update"
}
CVE-2026-2784 (GCVE-0-2026-2784)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-28 03:14
VLAI?
EPSS
Title
Mitigation bypass in the DOM: Security component
Summary
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
D. Santos
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:13:23.268966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:14:35.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "D. Santos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:36.359Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012984"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Mitigation bypass in the DOM: Security component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2784",
"datePublished": "2026-02-24T13:33:17.554Z",
"dateReserved": "2026-02-19T15:06:19.739Z",
"dateUpdated": "2026-02-28T03:14:35.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2793 (GCVE-0-2026-2793)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 14:44
VLAI?
EPSS
Title
Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
Summary
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Andrew McCreight, Christian Holler
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2793",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:55:55.876404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrew McCreight, Christian Holler"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:40.827Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2793",
"datePublished": "2026-02-24T13:33:23.571Z",
"dateReserved": "2026-02-19T15:06:38.377Z",
"dateUpdated": "2026-02-26T14:44:08.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2777 (GCVE-0-2026-2777)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 14:44
VLAI?
EPSS
Title
Privilege escalation in the Messaging System component
Summary
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Richard Belisle
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:56:06.730737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:09.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Richard Belisle"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation in the Messaging System component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Privilege escalation in the Messaging System component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:28.615Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015305"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Privilege escalation in the Messaging System component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2777",
"datePublished": "2026-02-24T13:33:12.869Z",
"dateReserved": "2026-02-19T15:06:03.824Z",
"dateUpdated": "2026-02-26T14:44:09.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2764 (GCVE-0-2026-2764)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
Summary
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:27:58.171528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:29:08.622Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:48.431Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012608"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "JIT miscompilation, use-after-free in the JavaScript Engine: JIT component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2764",
"datePublished": "2026-02-24T13:33:03.207Z",
"dateReserved": "2026-02-19T15:05:32.669Z",
"dateUpdated": "2026-03-06T11:25:48.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2763 (GCVE-0-2026-2763)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine component
Summary
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:25:44.670526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:27:22.934Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:47.808Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012018"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2763",
"datePublished": "2026-02-24T13:33:02.514Z",
"dateReserved": "2026-02-19T15:05:29.821Z",
"dateUpdated": "2026-03-06T11:25:47.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2772 (GCVE-0-2026-2772)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the Audio/Video: Playback component
Summary
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2772",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:16:03.154809Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:50.266Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:50.906Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014827"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the Audio/Video: Playback component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2772",
"datePublished": "2026-02-24T13:33:09.181Z",
"dateReserved": "2026-02-19T15:05:51.470Z",
"dateUpdated": "2026-03-06T11:25:50.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2771 (GCVE-0-2026-2771)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-11 15:19
VLAI?
EPSS
Title
Undefined behavior in the DOM: Core & HTML component
Summary
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T01:45:06.873601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T15:19:30.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Undefined behavior in the DOM: Core \u0026 HTML component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Undefined behavior in the DOM: Core \u0026 HTML component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:50.339Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014593"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Undefined behavior in the DOM: Core \u0026 HTML component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2771",
"datePublished": "2026-02-24T13:33:08.538Z",
"dateReserved": "2026-02-19T15:05:48.804Z",
"dateUpdated": "2026-03-11T15:19:30.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2782 (GCVE-0-2026-2782)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 14:44
VLAI?
EPSS
Title
Privilege escalation in the Netmonitor component
Summary
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Cody
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:55:58.916536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Cody"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation in the Netmonitor component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Privilege escalation in the Netmonitor component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:33.383Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010743"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Privilege escalation in the Netmonitor component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2782",
"datePublished": "2026-02-24T13:33:16.262Z",
"dateReserved": "2026-02-19T15:06:15.435Z",
"dateUpdated": "2026-02-26T14:44:08.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2761 (GCVE-0-2026-2761)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 15:53
VLAI?
EPSS
Title
Sandbox escape in the Graphics: WebRender component
Summary
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
10 (Critical)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Oskar L
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2761",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:52:27.559542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:53:16.322Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Oskar L"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:15.523Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011063"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape in the Graphics: WebRender component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2761",
"datePublished": "2026-02-24T13:33:01.011Z",
"dateReserved": "2026-02-19T15:05:25.145Z",
"dateUpdated": "2026-02-26T15:53:16.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2788 (GCVE-0-2026-2788)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Incorrect boundary conditions in the Audio/Video: GMP component
Summary
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:11:58.735838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:12:31.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:54.718Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014824"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Audio/Video: GMP component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2788",
"datePublished": "2026-02-24T13:33:20.287Z",
"dateReserved": "2026-02-19T15:06:29.079Z",
"dateUpdated": "2026-03-06T11:25:54.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2789 (GCVE-0-2026-2789)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the Graphics: ImageLib component
Summary
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2789",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:15:58.191851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:50.078Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:55.264Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015179"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the Graphics: ImageLib component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2789",
"datePublished": "2026-02-24T13:33:20.961Z",
"dateReserved": "2026-02-19T15:06:31.096Z",
"dateUpdated": "2026-03-06T11:25:55.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2766 (GCVE-0-2026-2766)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine: JIT component
Summary
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:31:58.549905Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:32:50.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:56.928Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013583"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine: JIT component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2766",
"datePublished": "2026-02-24T13:33:04.946Z",
"dateReserved": "2026-02-19T15:05:37.180Z",
"dateUpdated": "2026-03-06T11:25:56.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2776 (GCVE-0-2026-2776)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-28 03:19
VLAI?
EPSS
Title
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
Summary
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
10 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:19:08.973804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:19:44.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:28.178Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015266"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2776",
"datePublished": "2026-02-24T13:33:12.247Z",
"dateReserved": "2026-02-19T15:06:01.828Z",
"dateUpdated": "2026-02-28T03:19:44.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2775 (GCVE-0-2026-2775)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Mitigation bypass in the DOM: HTML Parser component
Summary
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:20:30.575524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:21:34.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:52.668Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015199"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Mitigation bypass in the DOM: HTML Parser component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2775",
"datePublished": "2026-02-24T13:33:11.553Z",
"dateReserved": "2026-02-19T15:05:58.825Z",
"dateUpdated": "2026-03-06T11:25:52.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2758 (GCVE-0-2026-2758)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:32 – Updated: 2026-02-26 15:45
VLAI?
EPSS
Title
Use-after-free in the JavaScript: GC component
Summary
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Gary Kwong
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:44:21.619796Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:45:43.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gary Kwong"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:14.017Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009608"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript: GC component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2758",
"datePublished": "2026-02-24T13:32:58.501Z",
"dateReserved": "2026-02-19T15:05:18.397Z",
"dateUpdated": "2026-02-26T15:45:43.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2773 (GCVE-0-2026-2773)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Incorrect boundary conditions in the Web Audio component
Summary
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:37:52.446135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:38:52.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:51.486Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014832"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Web Audio component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2773",
"datePublished": "2026-02-24T13:33:10.177Z",
"dateReserved": "2026-02-19T15:05:53.926Z",
"dateUpdated": "2026-03-06T11:25:51.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2770 (GCVE-0-2026-2770)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the DOM: Bindings (WebIDL) component
Summary
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:16:08.897990Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:52:50.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:49.753Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014585"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the DOM: Bindings (WebIDL) component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2770",
"datePublished": "2026-02-24T13:33:07.898Z",
"dateReserved": "2026-02-19T15:05:46.768Z",
"dateUpdated": "2026-03-06T11:25:49.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2781 (GCVE-0-2026-2781)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 20:07
VLAI?
EPSS
Title
Integer overflow in the Libraries component in NSS
Summary
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Clay Ver Valen
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:07:29.760093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:07:34.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Clay Ver Valen"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:32.527Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009552"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Integer overflow in the Libraries component in NSS"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2781",
"datePublished": "2026-02-24T13:33:15.551Z",
"dateReserved": "2026-02-19T15:06:13.592Z",
"dateUpdated": "2026-02-26T20:07:34.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2790 (GCVE-0-2026-2790)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 20:20
VLAI?
EPSS
Title
Same-origin policy bypass in the Networking: JAR component
Summary
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-346 - Origin Validation Error
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Surya Dev Singh
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:20:32.030296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:20:36.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Surya Dev Singh"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:39.461Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2008426"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Same-origin policy bypass in the Networking: JAR component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2790",
"datePublished": "2026-02-24T13:33:21.600Z",
"dateReserved": "2026-02-19T15:06:33.357Z",
"dateUpdated": "2026-02-26T20:20:36.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2447 (GCVE-0-2026-2447)
Vulnerability from cvelistv5 – Published: 2026-02-16 14:13 – Updated: 2026-02-22 21:05
VLAI?
EPSS
Title
Heap buffer overflow in libvpx
Summary
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
Severity ?
8.8 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 147.0.4
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
jayjayjazz
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-17T14:52:59.556198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-17T14:53:32.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-02-22T21:05:42.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "147.0.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.7.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.32.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.7.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "147.0.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "jayjayjazz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap buffer overflow in libvpx. This vulnerability affects Firefox \u003c 147.0.4, Firefox ESR \u003c 140.7.1, Firefox ESR \u003c 115.32.1, Thunderbird \u003c 140.7.2, and Thunderbird \u003c 147.0.2."
}
],
"value": "Heap buffer overflow in libvpx. This vulnerability affects Firefox \u003c 147.0.4, Firefox ESR \u003c 140.7.1, Firefox ESR \u003c 115.32.1, Thunderbird \u003c 140.7.2, and Thunderbird \u003c 147.0.2."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-16T15:18:48.288Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014390"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-10/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-11/"
}
],
"title": "Heap buffer overflow in libvpx"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2447",
"datePublished": "2026-02-16T14:13:23.559Z",
"dateReserved": "2026-02-13T09:28:08.874Z",
"dateUpdated": "2026-02-22T21:05:42.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2774 (GCVE-0-2026-2774)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Integer overflow in the Audio/Video component
Summary
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:21:15.368021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:21:19.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer overflow in the Audio/Video component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Integer overflow in the Audio/Video component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:52.024Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014883"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Integer overflow in the Audio/Video component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2774",
"datePublished": "2026-02-24T13:33:10.821Z",
"dateReserved": "2026-02-19T15:05:56.372Z",
"dateUpdated": "2026-03-06T11:25:52.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2785 (GCVE-0-2026-2785)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:26
VLAI?
EPSS
Title
Invalid pointer in the JavaScript Engine component
Summary
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:06:44.652338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:06:49.232Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:26:00.375Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013549"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Invalid pointer in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2785",
"datePublished": "2026-02-24T13:33:18.254Z",
"dateReserved": "2026-02-19T15:06:21.995Z",
"dateUpdated": "2026-03-06T11:26:00.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2757 (GCVE-0-2026-2757)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:32 – Updated: 2026-02-26 15:43
VLAI?
EPSS
Title
Incorrect boundary conditions in the WebRTC: Audio/Video component
Summary
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-1384 - Improper Handling of Physical or Environmental Conditions
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Igor Morgenstern
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:39:17.644870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1384",
"description": "CWE-1384 Improper Handling of Physical or Environmental Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:43:13.747Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Igor Morgenstern"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:13.158Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2001637"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the WebRTC: Audio/Video component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2757",
"datePublished": "2026-02-24T13:32:57.740Z",
"dateReserved": "2026-02-19T15:05:16.301Z",
"dateUpdated": "2026-02-26T15:43:13.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2765 (GCVE-0-2026-2765)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine component
Summary
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:30:09.342761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:31:24.689Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:56.368Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013562"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2765",
"datePublished": "2026-02-24T13:33:03.943Z",
"dateReserved": "2026-02-19T15:05:35.131Z",
"dateUpdated": "2026-03-06T11:25:56.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2767 (GCVE-0-2026-2767)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 20:10
VLAI?
EPSS
Title
Use-after-free in the JavaScript: WebAssembly component
Summary
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:10:23.640186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:10:59.598Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:20.889Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013741"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript: WebAssembly component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2767",
"datePublished": "2026-02-24T13:33:05.551Z",
"dateReserved": "2026-02-19T15:05:39.633Z",
"dateUpdated": "2026-02-26T20:10:59.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2783 (GCVE-0-2026-2783)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 20:10
VLAI?
EPSS
Title
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component
Summary
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
6.5 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
x0e
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2783",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:09:59.675929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:10:05.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "x0e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:35.131Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010943"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2783",
"datePublished": "2026-02-24T13:33:16.921Z",
"dateReserved": "2026-02-19T15:06:17.478Z",
"dateUpdated": "2026-02-26T20:10:05.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2792 (GCVE-0-2026-2792)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 14:44
VLAI?
EPSS
Title
Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
Summary
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Andrew McCreight, Maurice Dauer, Olli Pettay, Ryan Hunt
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2792",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:55:57.483447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.644Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andrew McCreight, Maurice Dauer, Olli Pettay, Ryan Hunt"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:40.473Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2792",
"datePublished": "2026-02-24T13:33:22.842Z",
"dateReserved": "2026-02-19T15:06:37.841Z",
"dateUpdated": "2026-02-26T14:44:08.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2778 (GCVE-0-2026-2778)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-28 03:18
VLAI?
EPSS
Title
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component
Summary
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
10 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2778",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:17:17.791021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:18:10.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape due to incorrect boundary conditions in the DOM: Core \u0026 HTML component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Sandbox escape due to incorrect boundary conditions in the DOM: Core \u0026 HTML component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:29.886Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016358"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape due to incorrect boundary conditions in the DOM: Core \u0026 HTML component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2778",
"datePublished": "2026-02-24T13:33:13.564Z",
"dateReserved": "2026-02-19T15:06:06.469Z",
"dateUpdated": "2026-02-28T03:18:10.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2762 (GCVE-0-2026-2762)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-28 02:25
VLAI?
EPSS
Title
Integer overflow in the JavaScript: Standard Library component
Summary
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
André Bargull
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T02:24:03.909176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T02:25:03.772Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andr\u00e9 Bargull"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:16.322Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011649"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Integer overflow in the JavaScript: Standard Library component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2762",
"datePublished": "2026-02-24T13:33:01.761Z",
"dateReserved": "2026-02-19T15:05:27.383Z",
"dateUpdated": "2026-02-28T02:25:03.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2780 (GCVE-0-2026-2780)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-09 23:06
VLAI?
EPSS
Title
Privilege escalation in the Netmonitor component
Summary
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
RyotaK of GMO Flatt Security Inc.
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-25T04:56:05.296618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:08.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation in the Netmonitor component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Privilege escalation in the Netmonitor component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T23:06:41.218Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2007829"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Privilege escalation in the Netmonitor component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2780",
"datePublished": "2026-02-24T13:33:14.850Z",
"dateReserved": "2026-02-19T15:06:11.352Z",
"dateUpdated": "2026-03-09T23:06:41.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2768 (GCVE-0-2026-2768)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 21:05
VLAI?
EPSS
Title
Sandbox escape in the Storage: IndexedDB component
Summary
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
10 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Sajeeb Lohani
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T21:02:57.231055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T21:05:03.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sajeeb Lohani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:21.281Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014101"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape in the Storage: IndexedDB component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2768",
"datePublished": "2026-02-24T13:33:06.258Z",
"dateReserved": "2026-02-19T15:05:41.880Z",
"dateUpdated": "2026-02-26T21:05:03.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2759 (GCVE-0-2026-2759)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:32 – Updated: 2026-02-26 15:47
VLAI?
EPSS
Title
Incorrect boundary conditions in the Graphics: ImageLib component
Summary
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-1384 - Improper Handling of Physical or Environmental Conditions
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Steven Julian
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:46:43.395477Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1384",
"description": "CWE-1384 Improper Handling of Physical or Environmental Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:47:54.766Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Steven Julian"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T13:43:55.454Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010933"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Graphics: ImageLib component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2759",
"datePublished": "2026-02-24T13:32:59.173Z",
"dateReserved": "2026-02-19T15:05:20.862Z",
"dateUpdated": "2026-02-26T15:47:54.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2787 (GCVE-0-2026-2787)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the DOM: Window and Location component
Summary
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2787",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:02:37.287928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:02:41.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:54.141Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014560"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the DOM: Window and Location component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2787",
"datePublished": "2026-02-24T13:33:19.579Z",
"dateReserved": "2026-02-19T15:06:26.851Z",
"dateUpdated": "2026-03-06T11:25:54.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2786 (GCVE-0-2026-2786)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:26
VLAI?
EPSS
Title
Use-after-free in the JavaScript Engine component
Summary
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2786",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T20:03:48.457816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T20:04:22.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:26:00.949Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013612"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the JavaScript Engine component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2786",
"datePublished": "2026-02-24T13:33:18.980Z",
"dateReserved": "2026-02-19T15:06:24.424Z",
"dateUpdated": "2026-03-06T11:26:00.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2769 (GCVE-0-2026-2769)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:25
VLAI?
EPSS
Title
Use-after-free in the Storage: IndexedDB component
Summary
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
8.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T14:20:50.862453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T14:21:09.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:25:49.149Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014550"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Use-after-free in the Storage: IndexedDB component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2769",
"datePublished": "2026-02-24T13:33:06.912Z",
"dateReserved": "2026-02-19T15:05:44.343Z",
"dateUpdated": "2026-03-06T11:25:49.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2760 (GCVE-0-2026-2760)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-26 15:51
VLAI?
EPSS
Title
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
Summary
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
10 (Critical)
CWE
- CWE-1384 - Improper Handling of Physical or Environmental Conditions
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Oskar L
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2760",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T15:49:35.987873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1384",
"description": "CWE-1384 Improper Handling of Physical or Environmental Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:51:08.823Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.33",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Oskar L"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:15.098Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011062"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-14/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2760",
"datePublished": "2026-02-24T13:33:00.290Z",
"dateReserved": "2026-02-19T15:05:23.107Z",
"dateUpdated": "2026-02-26T15:51:08.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2779 (GCVE-0-2026-2779)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-02-28 03:16
VLAI?
EPSS
Title
Incorrect boundary conditions in the Networking: JAR component
Summary
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Alex Mayorga
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:15:18.517530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:16:09.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alex Mayorga"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T17:30:31.538Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1164141"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Incorrect boundary conditions in the Networking: JAR component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2779",
"datePublished": "2026-02-24T13:33:14.195Z",
"dateReserved": "2026-02-19T15:06:08.909Z",
"dateUpdated": "2026-02-28T03:16:09.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2791 (GCVE-0-2026-2791)
Vulnerability from cvelistv5 – Published: 2026-02-24 13:33 – Updated: 2026-03-06 11:26
VLAI?
EPSS
Title
Mitigation bypass in the Networking: Cache component
Summary
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Severity ?
9.8 (Critical)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 148
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-2791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-28T03:10:15.651384Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-28T03:10:50.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "148",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "140.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"value": "Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 140.8, Thunderbird \u003c 148, and Thunderbird \u003c 140.8."
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T11:26:01.970Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015220"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-13/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-15/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2026-17/"
}
],
"title": "Mitigation bypass in the Networking: Cache component"
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2026-2791",
"datePublished": "2026-02-24T13:33:22.237Z",
"dateReserved": "2026-02-19T15:06:35.590Z",
"dateUpdated": "2026-03-06T11:26:01.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…