firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

firefox: thunderbird: Use-after-free in the IPC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the IPC component...

firefox: thunderbird: Incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...

firefox: thunderbird: Sandbox escape due to integer overflow in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to integer overflow in the Graphics component...

Mozilla Firefox ESR < 115.32

The version of Firefox ESR installed on the remote Windows host is prior to 115.32. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-02 advisory. - Use-after-free in the IPC component. This vulnerability affects Firefox 147, Firefox ESR 115.32, Firefox ESR 140....

CVE-2026-0886

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0882 Use-after-free in the IPC component

Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0882

CVE-2026-0882 : Use-after-free in the IPC component exposed in Firefox &lt; 147, Firefox ESR &lt; 115.32 and &lt; 140.7, Thunderbird &lt; 147 and

CVE-2026-0882

Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0880

CVE-2026-0880 is a sandbox-escape vulnerability: sandbox escape due to an integer overflow in the Graphics component. Affected products include Firefox (&lt;147), Firefox ESR (&lt;115.32 and &lt;140.7), Thunderbird (&lt;147 and

CVE-2026-0880 Sandbox escape due to integer overflow in the Graphics component

Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0880

Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0879

Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0877

CVE-2026-0877 is a mitigation bypass in the DOM: Security component, affecting Firefox versions below 147, including Firefox ESR &lt;115.32 and ESR

CVE-2026-0877 Mitigation bypass in the DOM: Security component

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

PT-2026-2639

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Firefox ESR versions prior to 115.32 Firefox ESR versions prior to 140.7 Description A mitigation bypass exists in the DOM Security component of Firefox. This issue could allow bypassing security mitigations...