CVE-2026-8955
published 2026-05-19CVE-2026-8955: Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | < Firefox 151 | Firefox 151 |
| mozilla | firefox | < 140.11.0 | 140.11.0 |
| mozilla | firefox | < 151.0.0 | 151.0.0 |
| mozilla | firefox_esr | < Firefox ESR 140.11 | Firefox ESR 140.11 |
| mozilla | thunderbird | < Thunderbird 140.11 | Thunderbird 140.11 |
| mozilla | thunderbird | < Thunderbird 151 | Thunderbird 151 |
| mozilla | thunderbird | < 140.11 | 140.11 |
| mozilla | thunderbird | < 151.0.0 | 151.0.0 |