CVE-2026-2776: Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

Severity: 10.0 CRITICAL (NVD)
EPSS: 0.1% (top 76.88%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 24

Description

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.9 | Impact: 6.0

Affected Packages (3 packages)

NVD mozilla/firefox 128.0 140.8.0 +2
NVD mozilla/thunderbird < 140.8.0 +1
Debian mozilla/thunderbird < 1:140.8.0esr-1~deb11u1 +3

🔴 Vulnerability Details (3)

GHSA
GHSA-v33x-35cm-8gjc: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (2026-02-24)
OSV
CVE-2026-2776: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (2026-02-24)
CVEList
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (2026-02-24)

📋 Vendor Advisories (7)

Red Hat
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (2026-02-24)
Debian
CVE-2026-2776: firefox - Sandbox escape due to incorrect boundary conditions in the Telemetry component i... 2026
Mozilla
Mozilla Foundation Security Advisory 2026-17: CVE-2026-2776
Mozilla
Mozilla Foundation Security Advisory 2026-13: CVE-2026-2776
Mozilla
Mozilla Foundation Security Advisory 2026-15: CVE-2026-2776

🕵️ Threat Intelligence (1)

Wiz
CVE-2026-2776 Impact, Exploitability, and Mitigation Steps | Wiz

💬 Community (1)

Bugzilla
CVE-2026-2776 firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (2026-02-24)