cbcvebase.
CVE-2026-8968
published 2026-05-19

CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

Affected

10 ranges
VendorProductVersion rangeFixed in
mozillafirefox< Firefox 151Firefox 151
mozillafirefox< 140.11.0140.11.0
mozillafirefox< 151.0.0151.0.0
mozillafirefox
mozillafirefox_esr< Firefox ESR 140.11Firefox ESR 140.11
mozillathunderbird< Thunderbird 151Thunderbird 151
mozillathunderbird< Thunderbird 140.11Thunderbird 140.11
mozillathunderbird< 140.11140.11
mozillathunderbird< 151.0.0151.0.0
rhel10firefox-flatpak