Nan Wang

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 150 Firefox ESR versions prior to 140.10 Thunderbird versions prior to 150 Thunderbird versions prior to 140.10 **Description** Incorrect boundary conditions exist in the WebRTC: Networking component. **Recommendations** Update to version 150 Update to version 140.10 Update to version 150 Update to version 140.10

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 150 Thunderbird versions prior to 150 **Description** Incorrect boundary conditions exist in the WebRTC component, which is a framework that enables real-time communication (voice, video, and data) within web browsers. **Recommendations** Update Firefox to version 150. Update Thunderbird to version 150.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 150 Firefox ESR versions prior to 140.10 Thunderbird versions prior to 150 Thunderbird versions prior to 140.10 **Description** A use-after-free issue exists in the WebRTC component. Use-after-free occurs when an application continues to use a pointer after it has been freed, which can lead to crashes or arbitrary code execution. **Recommendations** Update Firefox to version 150 or later. Update Firefox ESR to version 140.10 or later. Update Thunderbird to version 150 or later. Update Thunderbird to version 140.10 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26.3 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 visionOS versions prior to 26.3 Safari versions prior to 26.3 **Description** The software contains a flaw due to improper state management. Processing specially crafted web content can cause the application to unexpectedly crash. **Recommendations** Update macOS to version Tahoe 26.3. Update iOS to version 18.7.5. Update iPadOS to version 18.7.5. Update visionOS to version 26.3. Update Safari to version 26.3.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26.3 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 visionOS versions prior to 26.3 Safari versions prior to 26.3 **Description** The software contains an issue related to memory handling. Processing specially crafted web content may cause the software to unexpectedly crash. **Recommendations** Update macOS to version 26.3. Update iOS to version 18.7.5. Update iPadOS to version 18.7.5. Update visionOS to version 26.3. Update Safari to version 26.3.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 147 Firefox ESR versions prior to 140.7 **Description** A use-after-free issue exists in the JavaScript Engine component. This can potentially allow for unexpected behavior or code execution. **Recommendations** Update Firefox to version 147 or later. Update Firefox ESR to version 140.7 or later.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 macOS Tahoe versions prior to 26.2 visionOS versions prior to 26.2 **Description** A flaw exists due to improper memory handling when processing specially designed web content. This can result in an unexpected application crash. **Recommendations** Update Safari to version 26.2. Update iOS to version 18.7.3. Update iPadOS to version 18.7.3. Update macOS Tahoe to version 26.2. Update visionOS to version 26.2.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 Safari versions prior to 26.2 **Description** A memory management flaw exists due to a use-after-free condition. Processing specially designed web content could cause the application to crash unexpectedly. **Recommendations** Update macOS to version Tahoe 26.2. Update iOS to version 18.7.3. Update iPadOS to version 18.7.3. Update Safari to version 26.2.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 26.1 iPadOS versions prior to 26.1 Safari versions prior to 26.1 visionOS versions prior to 26.1 **Description** The software contains an issue addressed by disabling array allocation sinking. Processing maliciously crafted web content may lead to an unexpected process crash. **Recommendations** Update to iOS version 26.1 or later. Update to iPadOS version 26.1 or later. Update to Safari version 26.1 or later. Update to visionOS version 26.1 or later.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 26.1 visionOS versions prior to 26.1 watchOS versions prior to 26.1 iOS versions prior to 26.1 iPadOS versions prior to 26.1 tvOS versions prior to 26.1 **Description** Processing maliciously crafted web content may lead to an unexpected process crash. **Recommendations** Update Safari to version 26.1. Update visionOS to version 26.1. Update watchOS to version 26.1. Update iOS to version 26.1. Update iPadOS to version 26.1. Update tvOS to version 26.1.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 143.0.3 **Description** This issue affects Firefox and relates to a use-after-free condition within the JIT (Just-In-Time) compiler, potentially leading to remote code execution (RCE) due to a JIT miscompilation. **Recommendations** Update Firefox to version 143.0.3 or later.

**Name of the Vulnerable Software and Affected Versions** Safari (affected versions not specified) **Description** The issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to an unexpected Safari crash. **Recommendations** Update to watchOS 11.6. Update to iOS 18.6. Update to iPadOS 18.6. Update to tvOS 18.6. Update to macOS Sequoia 15.6. Update to visionOS 2.6.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 141 Firefox ESR versions prior to 115.26 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird versions prior to 128.13 Thunderbird versions prior to 140.1 **Description** On 64-bit platforms, the IonMonkey-JIT component only wrote 32 bits of the 64-bit return value space on the stack, while the Baseline-JIT component read the entire 64 bits. **Recommendations** Update Firefox to version 141 or later. Update Firefox ESR to version 115.26 or later. Update Firefox ESR to version 128.13 or later. Update Firefox ESR to version 140.1 or later. Update Thunderbird to version 141 or later. Update Thunderbird to version 128.13 or later. Update Thunderbird to version 140.1 or later.

Name of the Vulnerable Software and Affected Versions: Microsoft Edge (Chromium-based) (affected versions not specified) Description: The issue allows an unauthorized attacker to execute code over a network due to a 'type confusion' vulnerability in Microsoft Edge (Chromium-based), enabling remote code execution. This vulnerability permits remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to a use after free condition in Microsoft Edge (Chromium-based), allowing an authorized attacker to execute code over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to a 'type confusion' problem, which allows an unauthorized attacker to execute code over a network. This is due to the access of a resource using an incompatible type in Microsoft Edge (Chromium-based). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 134.0.6998.35 **Description** The issue is an out-of-bounds read in the V8 JavaScript engine in Google Chrome, allowing a remote attacker to perform out-of-bounds memory access via a crafted HTML page. This has a high security severity according to Chromium. The vulnerability could lead to severe consequences for users who do not update their browsers in a timely manner, including potential sandbox escapes and arbitrary code execution. However, there are no reported active exploitations of this issue. **Recommendations** For Google Chrome versions prior to 134.0.6998.35, update to version 134.0.6998.35 or later to address the out-of-bounds read vulnerability in the V8 JavaScript engine. As a temporary workaround, consider restricting access to potentially vulnerable web pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 135 Firefox ESR versions prior to 128.7 Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 **Description** A bug in WebAssembly code generation could have led to a crash, potentially allowing an attacker to achieve code execution. **Recommendations** For Firefox versions prior to 135, update to version 135 or later. For Firefox ESR versions prior to 128.7, update to version 128.7 or later. For Thunderbird versions prior to 128.7, update to version 128.7 or later. For Thunderbird versions prior to 135, update to version 135 or later.

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 131.0.6778.69 Description: The issue is related to a use-after-free vulnerability in the Media component of Google Chrome, which can be exploited by a remote attacker using a specially crafted HTML page. This could potentially lead to heap corruption, affecting the confidentiality, integrity, and availability of the system. Recommendations: For Google Chrome versions prior to 131.0.6778.69, update to version 131.0.6778.69 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted HTML pages that could exploit the vulnerability in the Media component.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 129 Mozilla Firefox ESR versions prior to 128.1 Mozilla Thunderbird versions prior to 128.1 **Description** The issue is related to a type confusion bug in WebAssembly, which could potentially allow a remote attacker to achieve code execution. This bug is associated with errors in mixing data types. **Recommendations** For Mozilla Firefox versions prior to 129, update to version 129 or later. For Mozilla Firefox ESR versions prior to 128.1, update to version 128.1 or later. For Mozilla Thunderbird versions prior to 128.1, update to version 128.1 or later.