CVE-2026-2791

Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2786

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2777

Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2762

Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2763

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

UBUNTU-CVE-2026-2762

Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

UBUNTU-CVE-2026-2796

JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

UBUNTU-CVE-2026-2798

Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

UBUNTU-CVE-2026-2777

Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2805 Invalid pointer in the DOM: Core & HTML component

Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

CVE-2026-2801

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

EUVD-2026-8447

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox 148...

CVE-2026-2785

CVE-2026-2785 describes an invalid pointer in the Firefox JavaScript Engine affecting Firefox < 148 and Firefox ESR

EUVD-2026-8507

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 148 and Firefox ESR 140.8...

CVE-2026-2772

CVE-2026-2772 is a Firefox/Thunderbird memory-safety issue described as a use-after-free in the Audio/Video: Playback component. The vulnerability affects Firefox-related products and was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. Connecte...

CVE-2026-2759

Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

PT-2026-21733

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description A spoofing issue exists in the WebAuthn component in Firefox for Android. This issue affects Firefox and Thunderbird. Recommendations Update Firefox to version 148 or...

PT-2026-21730

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description A use-after-free flaw exists in the JavaScript GC component. This issue may lead to unexpected behavior or crashes. Recommendations Update Firefox to version 148 or...