CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4712 – Information disclosure in the Widget: Cocoa component
https://notcve.org/view.php?id=CVE-2026-4712
24 Mar 2026 — Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Revelación de información en el componente Widget: Cocoa. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Information disclosure in the Widget: Cocoa component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2017666 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2026-4725 – Sandbox escape due to use-after-free in the Graphics: Canvas2D component
https://notcve.org/view.php?id=CVE-2026-4725
24 Mar 2026 — Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Thunderbird < 149. Escape de sandbox debido a uso después de liberación en el componente Graphics: Canvas2D. Esta vulnerabilidad afecta a Firefox < 149 y Thunderbird < 149. Sandbox escape due to use-after-free in the Graphics: Canvas2D component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2017108 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4711 – Use-after-free in the Widget: Cocoa component
https://notcve.org/view.php?id=CVE-2026-4711
24 Mar 2026 — Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Uso después de liberación en el componente Widget: Cocoa. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Use-after-free in the Widget: Cocoa component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2017002 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2026-4709 – Incorrect boundary conditions in the Audio/Video: GMP component
https://notcve.org/view.php?id=CVE-2026-4709
24 Mar 2026 — Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas en el componente Audio/Video: GMP. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions in the Audio/Video: GMP component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2016329 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4708 – Incorrect boundary conditions in the Graphics component
https://notcve.org/view.php?id=CVE-2026-4708
24 Mar 2026 — Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas en el componente Gráficos. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions in the Graphics component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2015268 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2026-4707 – Incorrect boundary conditions in the Graphics: Canvas2D component
https://notcve.org/view.php?id=CVE-2026-4707
24 Mar 2026 — Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas en el componente Graphics: Canvas2D. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions in the Graphics: Canvas2D component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2015267 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2026-4706 – Incorrect boundary conditions in the Graphics: Canvas2D component
https://notcve.org/view.php?id=CVE-2026-4706
24 Mar 2026 — Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Condiciones de contorno incorrectas en el componente Graphics: Canvas2D. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Incorrect boundary conditions in the Graphics: Canvas2D component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2015091 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4705 – Undefined behavior in the WebRTC: Signaling component
https://notcve.org/view.php?id=CVE-2026-4705
24 Mar 2026 — Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Comportamiento indefinido en el componente de señalización de WebRTC. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, y Thunderbird < 140.9. Undefined behavior in the WebRTC: Signaling component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2014873 • CWE-758: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-4704 – Denial-of-service in the WebRTC: Signaling component
https://notcve.org/view.php?id=CVE-2026-4704
24 Mar 2026 — Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. Denegación de servicio en el componente de señalización de WebRTC. Esta vulnerabilidad afecta a Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149 y Thunderbird < 140.9. Denial-of-service in the WebRTC: Signaling component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2014868 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2026-4723 – Use-after-free in the JavaScript Engine component
https://notcve.org/view.php?id=CVE-2026-4723
24 Mar 2026 — Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Thunderbird < 149. Uso después de liberación en el componente del motor JavaScript. Esta vulnerabilidad afecta a Firefox < 149 y Thunderbird < 149. Use-after-free in the JavaScript Engine component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2013573 • CWE-416: Use After Free •