cbcvebase.
CVE-2026-8946
published 2026-05-19

CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11…

high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

Affected

11 ranges
VendorProductVersion rangeFixed in
mozillafirefox< Firefox 151Firefox 151
mozillafirefox< 115.36.0115.36.0
mozillafirefox< 151.0.0151.0.0
mozillafirefox
mozillafirefox>= 140.0 < 140.11.0140.11.0
mozillafirefox_esr< Firefox ESR 115.36Firefox ESR 115.36
mozillafirefox_esr< Firefox ESR 140.11Firefox ESR 140.11
mozillathunderbird< Thunderbird 151Thunderbird 151
mozillathunderbird< Thunderbird 140.11Thunderbird 140.11
mozillathunderbird< 140.11140.11
rhel10firefox-flatpak