EUVD-2026-8503

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox 148 and Firefox ESR 140.8...

CVE-2026-2783

CVE-2026-2783 is a JIT miscompilation information-disclosure vulnerability in the JavaScript Engine (JIT component) that affects Firefox and Thunderbird products. Public details in connected advisories state the issue arises from JIT miscompilation, enabling information disclosure, and indicate f...

CVE-2026-2764 JIT miscompilation, use-after-free in the JavaScript Engine: JIT component

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2764 JIT miscompilation, use-after-free in the JavaScript Engine: JIT component

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2764

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2764

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

EUVD-2026-8486

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8...

Firefox -- Multiple vulnerabilities

CVE-2026-2807: Memory safety bugs present in Firefox 147 and Thunderbird 147 CVE-2026-2806: Uninitialized memory in the Graphics: Text component. CVE-2026-2805: Invalid pointer in the DOM: Core & HTML component. CVE-2026-2804: Use-after-free in the JavaScript: WebAssembly component. CVE-2026-2803...

PT-2026-21729

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description A JIT miscompilation issue exists in the JavaScript: WebAssembly component. JIT Just-In-Time compilation is a method used by browsers to improve execution speed by...

OESA-2026-1264 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in...

OPENSUSE-SU-2026:20046-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.6.0 ESR MFSA 2025-96 bsc1254551 CVE-2025-14321 bmo1992760 Use-after-free in the WebRTC: Signaling component CVE-2025-14322 bmo1996473 Sandbox escape due to incorrect boundary...

OESA-2026-1089 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

OESA-2026-1085 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

MiracleLinux 8 : thunderbird-140.6.0-1.el8_10.ML.1 (AXSA:2026-021:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-021:01 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free...

Astra Linux – Vulnerability in Firefox, Thunderbird

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

MiracleLinux 9 : thunderbird-140.6.0-1.el9_7.ML.1 (AXSA:2025-11620:28)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11620:28 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-fr...

MiracleLinux 9 : firefox-140.6.0-1.el9_7.ML.1 (AXSA:2025-11561:38)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11561:38 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-fr...

SUSE-SU-2026:20031-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Changes in MozillaFirefox: Firefox Extended Support Release 140.6.0 ESR was released: Fixed: Various security fixes. MFSA 2025-94 bsc1254551: CVE-2025-14321: Use-after-free in the WebRTC: Signaling component CVE-2025-14322: Sandbox escape...

OPENSUSE-SU-2026:20014-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Changes in MozillaFirefox: Firefox Extended Support Release 140.6.0 ESR was released: Fixed: Various security fixes. MFSA 2025-94 bsc1254551: CVE-2025-14321: Use-after-free in the WebRTC: Signaling component CVE-2025-14322: Sandbox escape...

Important: firefox

Issue Overview: Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox 146 and Firefox ESR 140.6. CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox 146, Firefox ESR 115.31, a...