Mozilla Firefox vulnerabilities

CVE-2026-2757 [CRITICAL] CWE-1384 CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2770 [CRITICAL] CWE-416 CVE-2026-2770: Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2771 [CRITICAL] CWE-125 CVE-2026-2771: Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, F Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2793 [CRITICAL] CWE-787 CVE-2026-2793: Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Fire

CVE-2026-2760 [CRITICAL] CWE-1384 CVE-2026-2760: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulne Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2759 [CRITICAL] CWE-1384 CVE-2026-2759: Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in F Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2789 [CRITICAL] CWE-416 CVE-2026-2789: Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Fir Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2786 [CRITICAL] CWE-416 CVE-2026-2786: Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Fire Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2764 [CRITICAL] CWE-416 CVE-2026-2764: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was f JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2788 [CRITICAL] CWE-119 CVE-2026-2788: Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Fir Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2805 [CRITICAL] CWE-824 CVE-2026-2805: Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and T Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

CVE-2026-2634 [CRITICAL] CWE-451 CVE-2026-2634: Malicious scripts could cause desynchronization between the address bar and web content before a res Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4.

CVE-2026-2758 [CRITICAL] CWE-416 CVE-2026-2758: Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2787 [CRITICAL] CWE-416 CVE-2026-2787: Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 14 Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2785 [CRITICAL] CWE-824 CVE-2026-2785: Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Fir Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2766 [CRITICAL] CWE-416 CVE-2026-2766: Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2767 [CRITICAL] CWE-416 CVE-2026-2767: Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2790 [CRITICAL] CWE-346 CVE-2026-2790: Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

CVE-2026-2806 [CRITICAL] CWE-908 CVE-2026-2806: Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 an Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

CVE-2026-2779 [CRITICAL] CWE-119 CVE-2026-2779: Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Fire Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.