CVE-2026-4701

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4698 JIT miscompilation in the JavaScript Engine: JIT component

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4698

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4698 JIT miscompilation in the JavaScript Engine: JIT component

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4698

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4698

CVE-2026-4698 — JIT miscompilation in the JavaScript Engine (JIT component) . The issue is disclosed for Firefox/Thunderbird products and is described as a JIT miscompilation in the JavaScript engine’s JIT path. Affected versions are Firefox < 149, Firefox ESR < 115.34, and Firefox ESR

CVE-2026-4698

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

Silicon Labs Simplicity Studio 安全漏洞

Silicon Labs Simplicity Studio is an integrated development environment for embedded system development and debugging provided by Silicon Labs, a company in the United States. There is a security vulnerability in Silicon Labs Simplicity Studio, which stems from the acceptance of user-controllable...

Zabbix 安全漏洞

Zabbix is an open-source monitoring system developed by Zabbix Inc. This system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. Zabbix has security vulnerabilities, which stem from improper reuse of JavaScript environments. These vulnerabilities may...

orpc 跨站脚本漏洞

Orpc is an open-source RPC and OpenAPI integration framework developed by MiddleAPI. Versions of Orpc prior to 1.13.9 contained a cross-site scripting vulnerability. This vulnerability stemmed from the OpenAPI documentation generation process, which included stored cross-site scripts. This could...

PT-2026-27473

Name of the Vulnerable Software and Affected Versions Zabbix versions prior to 7.4 Description A design flaw in Zabbix Server/Proxy related to JavaScript Duktape context reuse can result in data leakage. Specifically, a regular Zabbix administrator may unintentionally expose data for hosts they a...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products. The...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that...

Mozilla Firefox和Mozilla Thunderbird 资源管理错误漏洞

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A resource management error vulnerability exists in Mozilla Firefox and Mozilla...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

PT-2026-27629

Name of the Vulnerable Software and Affected Versions PinchTab versions 0.8.3 through 0.8.5 Description PinchTab versions 0.8.3 through 0.8.5 contain a security bypass that allows arbitrary JavaScript execution through the POST /wait and POST /tabs/id/wait API endpoints when using fn mode, even i...

PT-2026-27492

pyLoad is a free and open-source download manager written in Python. From version 0.4.20 to before version 0.5.0b3.dev97, the local check decorator in pyLoad's ClickNLoad feature can be bypassed by any remote attacker through HTTP Host header spoofing. This allows unauthenticated remote users to...

Mozilla -- Multiple vulnerabilities

CVE-2026-4688: Sandbox escape due to use-after-free in Disability Access APIs. CVE-2026-4695: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-4697: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-4700: Mitigation bypass in the...

PT-2026-27421

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Thunderbird versions prior to 149 Description A use-after-free issue exists in the JavaScript Engine component. This condition may allow for unexpected behavior. Recommendations Update Firefox to version 149 or...