CVE-2026-6778

🗓️ 21 Apr 2026 12:41:09Reported by mozillaType

CVE-2026-6778: invalid pointer in Audio/Video Playback; fixed in Firefox 150.

Reporter	Title	Published	Views	Family All 61
FreeBSD	Mozilla -- Invalid pointer	21 Apr 202600:00	–	freebsd
ATTACKERKB	CVE-2026-6778	21 Apr 202612:41	–	attackerkb
AlpineLinux	CVE-2026-6778	21 Apr 202612:41	–	alpinelinux
Circl	CVE-2026-6778	21 Apr 202620:00	–	circl
CNNVD	Mozilla Firefox和Mozilla Thunderbird 安全漏洞	21 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-6778 Invalid pointer in the Audio/Video: Playback component	21 Apr 202612:41	–	cvelist
Debian CVE	CVE-2026-6778	21 Apr 202612:41	–	debiancve
EUVD	EUVD-2026-24119	21 Apr 202615:32	–	euvd
Tenable Nessus	Fedora 42 : firefox / nss (2026-69538c9f7e)	28 Apr 202600:00	–	nessus
Tenable Nessus	Fedora 43 : firefox / nss (2026-c0a4f03150)	5 May 202600:00	–	nessus

NVD

Node

mozilla firefoxRange<150.0-

mozilla thunderbirdRange<150.0-

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "150",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  },
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "150",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  }
]

Source	Link
mozilla	www.mozilla.org/security/advisories/mfsa2026-33/
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
mozilla	www.mozilla.org/security/advisories/mfsa2026-30/

22 Apr 2026 16:05Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.3

EPSS0.00048

SSVC