firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the CSS Parsing and Computation component...

OESA-2026-1708 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.CVE-2025-59375 Race...

CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

Mozilla -- Multiple vulnerabilities

CVE-2026-4721: Memory safety bugs. Potential arbitrary code execution. CVE-2026-4709: Incorrect boundary conditions in the Audio/Video: GMP component. CVE-2026-4707: Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4706: Incorrect boundary conditions in the Graphics:...

EUVD-2026-10505

Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...

CVE-2026-3846

Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...