Debian Firefox vulnerabilities
1,810 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302
Vulnerabilities
Page 7 of 91
CVE-2026-2447 | LOW | CVSS 8.8 | fixed in firefox 147.0.4-1 (sid) | 2026
CVE-2026-2447 [HIGH] CVE-2026-2447: firefox - Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Fi...
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
Scope: local
sid: resolved (fixed in 147.0.4-1)
debian
CVE-2026-4711 | LOW | CVSS 9.8 | 2026
CVE-2026-4711 [CRITICAL] CVE-2026-4711: firefox - Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefo...
Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
Scope: local
sid: resolved
debian
CVE-2026-2800 | LOW | CVSS 9.8 | 2026
CVE-2026-2800 [CRITICAL] CVE-2026-2800: firefox - Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerabil...
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Scope: local
sid: resolved
debian
CVE-2026-4712 | LOW | CVSS 7.5 | 2026
CVE-2026-4712 [HIGH] CVE-2026-4712: firefox - Information disclosure in the Widget: Cocoa component. This vulnerability affect...
Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
Scope: local
sid: resolved
debian
CVE-2026-2794 | LOW | CVSS 7.5 | 2026
CVE-2026-2794 [HIGH] CVE-2026-2794: firefox - Information disclosure due to uninitialized memory in Firefox and Firefox Focus ...
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148.
Scope: local
sid: resolved
debian
CVE-2025-8044 | CRITICAL | CVSS 9.8 | fixed in firefox 141.0-1 (sid) | 2025
Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141 and Thunderbird < 141.
Scope: local
sid: resolved (fixed in 141.0-1)
debian
CVE-2025-6433 | CRITICAL | CVSS 9.8 | fixed in firefox 140.0-1 (sid) | 2025
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthn spec which requires "a secure transport established without errors". This vulnerability affects Firefox < 140 and Thunderbird < 140.
Scope: local
debian
CVE-2025-1942 | CRITICAL | CVSS 9.8 | fixed in firefox 136.0-1 (sid) | 2025
When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability affects Firefox < 136 and Thunderbird < 136.
Scope: local
sid: resolved (fixed in 136.0-1)
debian
CVE-2025-11710 | CRITICAL | CVSS 9.8 | fixed in firefox 144.0-1 (sid) | 2025
A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
Scope: local
sid: resolved (fixed in 144.0-1)
debian
CVE-2025-0247 | CRITICAL | CVSS 9.8 | fixed in firefox 134.0-1 (sid) | 2025
Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134 and Thunderbird < 134.
Scope: local
sid: resolved (fixed in 134.0-1)
debian
CVE-2025-13022 | CRITICAL | CVSS 9.8 | fixed in firefox 145.0-1 (sid) | 2025
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Scope: local
sid: resolved (fixed in 145.0-1)
debian
CVE-2025-1016 | CRITICAL | CVSS 9.8 | fixed in firefox 135.0-1 (sid) | 2025
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Fi
debian
CVE-2025-13021 | CRITICAL | CVSS 9.8 | fixed in firefox 145.0-1 (sid) | 2025
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Scope: local
sid: resolved (fixed in 145.0-1)
debian
CVE-2025-11708 | CRITICAL | CVSS 9.8 | fixed in firefox 144.0-1 (sid) | 2025
Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
Scope: local
sid: resolved (fixed in 144.0-1)
debian
CVE-2025-4083 | CRITICAL | CVSS 9.1 | fixed in firefox 138.0-1 (sid) | 2025
A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird <
debian
CVE-2025-4918 | CRITICAL | CVSS 9.8 | fixed in firefox 138.0.4-1 (sid) | 2025
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
Scope: local
sid: resolved (fixed in 138.0.4-1)
debian
CVE-2025-14324 | CRITICAL | CVSS 9.8 | fixed in firefox 146.0-1 (sid) | 2025
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
Scope: local
sid: resolved (fixed in 146.0-1)
debian
CVE-2025-9179 | CRITICAL | CVSS 9.8 | fixed in firefox 142.0-1 (sid) | 2025
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and T
debian
CVE-2025-49710 | CRITICAL | CVSS 9.8 | fixed in firefox 139.0.4-1 (sid) | 2025
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This vulnerability affects Firefox < 139.0.4.
Scope: local
sid: resolved (fixed in 139.0.4-1)
debian
CVE-2025-14326 | CRITICAL | CVSS 9.8 | fixed in firefox 146.0-1 (sid) | 2025
Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146 and Thunderbird < 146.
Scope: local
sid: resolved (fixed in 146.0-1)
debian