Debian Firefox vulnerabilities

CVE-2026-2774 [CRITICAL] CVE-2026-2774: firefox - Integer overflow in the Audio/Video component. This vulnerability affects Firefo... Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-4725 [CRITICAL] CVE-2026-4725: firefox - Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This v... Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Thunderbird < 149. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-2799 [CRITICAL] CVE-2026-2799: firefox - Use-after-free in the DOM: Core & HTML component. This vulnerability affects Fir... Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2775 [CRITICAL] CVE-2026-2775: firefox - Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects ... Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2772 [CRITICAL] CVE-2026-2772: firefox - Use-after-free in the Audio/Video: Playback component. This vulnerability affect... Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2770 [CRITICAL] CVE-2026-2770: firefox - Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affec... Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2778 [CRITICAL] CVE-2026-2778: firefox - Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML comp... Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-4720 [CRITICAL] CVE-2026-4720: firefox - Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox ... Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140

CVE-2026-4702 [CRITICAL] CVE-2026-4702: firefox - JIT miscompilation in the JavaScript Engine component. This vulnerability affect... JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-0884 [CRITICAL] CVE-2026-0884: firefox - Use-after-free in the JavaScript Engine component. This vulnerability affects Fi... Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. Scope: local sid: resolved (fixed in 147.0-1)

CVE-2026-2767 [CRITICAL] CVE-2026-2767: firefox - Use-after-free in the JavaScript: WebAssembly component. This vulnerability affe... Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-4691 [CRITICAL] CVE-2026-4691: firefox - Use-after-free in the CSS Parsing and Computation component. This vulnerability ... Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-2776 [CRITICAL] CVE-2026-2776: firefox - Sandbox escape due to incorrect boundary conditions in the Telemetry component i... Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2793 [CRITICAL] CVE-2026-2793: firefox - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird... Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8

CVE-2026-2795 [CRITICAL] CVE-2026-2795: firefox - Use-after-free in the JavaScript: GC component. This vulnerability affects Firef... Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-5734 [CRITICAL] CVE-2026-5734: firefox - Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Fire... Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2, Firefox ESR < 140.9.1, Thunderbird < 149.0.2,

CVE-2026-2787 [CRITICAL] CVE-2026-2787: firefox - Use-after-free in the DOM: Window and Location component. This vulnerability aff... Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-4715 [CRITICAL] CVE-2026-4715: firefox - Uninitialized memory in the Graphics: Canvas2D component. This vulnerability aff... Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-2768 [CRITICAL] CVE-2026-2768: firefox - Sandbox escape in the Storage: IndexedDB component. This vulnerability affects F... Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2806 [CRITICAL] CVE-2026-2806: firefox - Uninitialized memory in the Graphics: Text component. This vulnerability affects... Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148. Scope: local sid: resolved (fixed in 148.0-1)