CVE-2026-4713Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

CWE-754Improper Check for Unusual or Exceptional ConditionsCWE-787Out-of-bounds Write12 documents9 sources
Severity
7.5HIGHNVD
EPSS
0.0%
top 94.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla ThunderbirdMozilla Firefox
Timeline
PublishedMar 24

Description

Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDmozilla/firefox< 140.9.0+1
Debianmozilla/thunderbird< 1:140.9.0esr-1~deb11u1+3

🔴Vulnerability Details

3
CVEList
Incorrect boundary conditions in the Graphics component2026-03-24
OSV
CVE-2026-4713: Incorrect boundary conditions in the Graphics component2026-03-24
GHSA
GHSA-954r-qq48-9vr2: Incorrect boundary conditions in the Graphics component2026-03-24

📋Vendor Advisories

6
Red Hat
firefox: thunderbird: Incorrect boundary conditions in the Graphics component2026-03-24
Debian
CVE-2026-4713: firefox - Incorrect boundary conditions in the Graphics component. This vulnerability affe...2026
Mozilla
Mozilla Foundation Security Advisory 2026-22: CVE-2026-4713
Mozilla
Mozilla Foundation Security Advisory 2026-20: CVE-2026-4713
Mozilla
Mozilla Foundation Security Advisory 2026-23: CVE-2026-4713

🕵️Threat Intelligence

1
Wiz
CVE-2026-4713 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

1
Bugzilla
CVE-2026-4713 firefox: thunderbird: Incorrect boundary conditions in the Graphics component2026-03-24
CVE-2026-4713 — Mozilla Firefox vulnerability | cvebase