Debian Firefox vulnerabilities

CVE-2026-0879 [CRITICAL] CVE-2026-0879: firefox - Sandbox escape due to incorrect boundary conditions in the Graphics component. T... Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. Scope: local sid: resolved (fixed in 147.0-1)

CVE-2026-2763 [CRITICAL] CVE-2026-2763: firefox - Use-after-free in the JavaScript Engine component. This vulnerability affects Fi... Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2792 [CRITICAL] CVE-2026-2792: firefox - Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox ... Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140

CVE-2026-2779 [CRITICAL] CVE-2026-2779: firefox - Incorrect boundary conditions in the Networking: JAR component. This vulnerabili... Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-0881 [CRITICAL] CVE-2026-0881: firefox - Sandbox escape in the Messaging System component. This vulnerability affects Fir... Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147 and Thunderbird < 147. Scope: local sid: resolved (fixed in 147.0-1)

CVE-2026-4716 [CRITICAL] CVE-2026-4716: firefox - Incorrect boundary conditions, uninitialized memory in the JavaScript Engine com... Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-2764 [CRITICAL] CVE-2026-2764: firefox - JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This... JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-2790 [CRITICAL] CVE-2026-2790: firefox - Same-origin policy bypass in the Networking: JAR component. This vulnerability a... Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. Scope: local sid: resolved (fixed in 148.0-1)

CVE-2026-4717 [CRITICAL] CVE-2026-4717: firefox - Privilege escalation in the Netmonitor component. This vulnerability affects Fir... Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-4690 [HIGH] CVE-2026-4690: firefox - Sandbox escape due to incorrect boundary conditions, integer overflow in the XPC... Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-4727 [HIGH] CVE-2026-4727: firefox - Denial-of-service in the Libraries component in NSS. This vulnerability affects ... Denial-of-service in the Libraries component in NSS. This vulnerability affects Firefox < 149 and Thunderbird < 149. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-4714 [HIGH] CVE-2026-4714: firefox - Incorrect boundary conditions in the Audio/Video component. This vulnerability a... Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-4704 [HIGH] CVE-2026-4704: firefox - Denial-of-service in the WebRTC: Signaling component. This vulnerability affects... Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-5733 [HIGH] CVE-2026-5733: firefox - Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerabil... Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2. Scope: local sid: resolved (fixed in 149.0.2-1)

CVE-2026-0891 [HIGH] CVE-2026-0891: firefox - Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox ... Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVE-2026-4684 [HIGH] CVE-2026-4684: firefox - Race condition, use-after-free in the Graphics: WebRender component. This vulner... Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-0880 [HIGH] CVE-2026-0880: firefox - Sandbox escape due to integer overflow in the Graphics component. This vulnerabi... Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. Scope: local sid: resolved (fixed in 147.0-1)

CVE-2026-4687 [HIGH] CVE-2026-4687: firefox - Sandbox escape due to incorrect boundary conditions in the Telemetry component. ... Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-4722 [HIGH] CVE-2026-4722: firefox - Privilege escalation in the IPC component. This vulnerability affects Firefox < ... Privilege escalation in the IPC component. This vulnerability affects Firefox < 149 and Thunderbird < 149. Scope: local sid: resolved (fixed in 149.0-1)

CVE-2026-0889 [HIGH] CVE-2026-0889: firefox - Denial-of-service in the DOM: Service Workers component. This vulnerability affe... Denial-of-service in the DOM: Service Workers component. This vulnerability affects Firefox < 147 and Thunderbird < 147. Scope: local sid: resolved (fixed in 147.0-1)