CVE-2026-4722
published 2026-03-24CVE-2026-4722: Privilege escalation in the IPC component. This vulnerability was fixed in Firefox 149 and Thunderbird 149.
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
Privilege escalation in the IPC component. This vulnerability was fixed in Firefox 149 and Thunderbird 149.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 149.0-1 (sid) | firefox 149.0-1 (sid) |
| mozilla | firefox | < 149.0 | 149.0 |
| mozilla | firefox | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH