CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-5735 – Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2
https://notcve.org/view.php?id=CVE-2026-5735
07 Apr 2026 — Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2 and Thunderbird 149.0.2. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=2025475%2C2025477 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2026-5734 – Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
https://notcve.org/view.php?id=CVE-2026-5734
07 Apr 2026 — Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2026-5733 – Incorrect boundary conditions in the Graphics: WebGPU component
https://notcve.org/view.php?id=CVE-2026-5733
07 Apr 2026 — Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 149.0.2 and Thunderbird 149.0.2. • https://bugzilla.mozilla.org/show_bug.cgi?id=2022554 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-5732 – Incorrect boundary conditions, integer overflow in the Graphics: Text component
https://notcve.org/view.php?id=CVE-2026-5732
07 Apr 2026 — Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=2017867 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4719 – Incorrect boundary conditions in the Graphics: Text component
https://notcve.org/view.php?id=CVE-2026-4719
24 Mar 2026 — Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas en el componente Gráficos: Texto. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions in the Graphics: Text component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2016367 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4717 – Privilege escalation in the Netmonitor component
https://notcve.org/view.php?id=CVE-2026-4717
24 Mar 2026 — Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Escalada de privilegios en el componente Netmonitor. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Privilege escalation in the Netmonitor component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2021695 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4716 – Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component
https://notcve.org/view.php?id=CVE-2026-4716
24 Mar 2026 — Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas, memoria no inicializada en el componente del motor JavaScript. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2018592 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4715 – Uninitialized memory in the Graphics: Canvas2D component
https://notcve.org/view.php?id=CVE-2026-4715
24 Mar 2026 — Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Memoria no inicializada en el componente Graphics: Canvas2D. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Uninitialized memory in the Graphics: Canvas2D component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2018405 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4714 – Incorrect boundary conditions in the Audio/Video component
https://notcve.org/view.php?id=CVE-2026-4714
24 Mar 2026 — Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas en el componente de Audio/Video. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions in the Audio/Video component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2018126 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4713 – Incorrect boundary conditions in the Graphics component
https://notcve.org/view.php?id=CVE-2026-4713
24 Mar 2026 — Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas en el componente Gráficos. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions in the Graphics component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2018113 • CWE-754: Improper Check for Unusual or Exceptional Conditions •