CVE-2026-6772 Incorrect boundary conditions in the Libraries component in NSS

🗓️ 21 Apr 2026 12:41:04Reported by mozillaType

CVE-2026-6772 fixes NSS Libraries boundary conditions;Firefox 150 patch and ESR 115.35/140.10.

Reporter	Title	Published	Views	Family All 293
FreeBSD	Mozilla -- Incorrect boundary conditions	21 Apr 202600:00	–	freebsd
ATTACKERKB	CVE-2026-6772	21 Apr 202612:41	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : firefox (ALAS2023-2026-1652)	20 May 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : nspr, nspr-devel, nss (ALAS2023-2026-1703)	16 May 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3290 (ALAS-2026-3290)	14 May 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : nss, --advisory ALAS2-2026-3304 (ALAS-2026-3304)	27 May 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-058 (ALASFIREFOX-2026-058)	14 May 202600:00	–	nessus
Tenable Nessus	AlmaLinux 9 : firefox (ALSA-2026:10757)	30 Apr 202600:00	–	nessus
Tenable Nessus	AlmaLinux 8 : firefox (ALSA-2026:10766)	29 Apr 202600:00	–	nessus
Tenable Nessus	AlmaLinux 10 : firefox (ALSA-2026:10767)	30 Apr 202600:00	–	nessus

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "115.35",
        "lessThanOrEqual": "115.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "140.10",
        "lessThanOrEqual": "140.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "150",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  },
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "unaffected",
        "version": "140.10",
        "lessThanOrEqual": "140.*",
        "versionType": "rpm"
      },
      {
        "status": "unaffected",
        "version": "150",
        "lessThanOrEqual": "*",
        "versionType": "rpm"
      }
    ]
  }
]

Source	Link
mozilla	www.mozilla.org/security/advisories/mfsa2026-30/
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
mozilla	www.mozilla.org/security/advisories/mfsa2026-34/
mozilla	www.mozilla.org/security/advisories/mfsa2026-33/
mozilla	www.mozilla.org/security/advisories/mfsa2026-31/
mozilla	www.mozilla.org/security/advisories/mfsa2026-32/

21 Apr 2026 23:35Current

EPSS0.00269