PT-2026-41900 · Mozilla+1 · Thunderbird+2

Published

2026-05-19

·

Updated

2026-06-30

·

CVE-2026-8946

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 151 Firefox ESR versions prior to 115.36 Firefox ESR versions prior to 140.11 Thunderbird versions prior to 151 Thunderbird versions prior to 140.11
Description Incorrect boundary conditions exist in the Audio/Video: Web Codecs component.
Recommendations Update to version 151 Update to version 115.36 Update to version 140.11 Update to version 151 Update to version 140.11

Fix

DoS

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:21378
ALSA-2026:21380
ALSA-2026:21381
ALSA-2026:21382
ALSA-2026:22325
ALSA-2026:22643
BDU:2026-08155
CVE-2026-8946
OESA-2026-2392
OESA-2026-2393
OESA-2026-2394
OESA-2026-2465
OPENSUSE-SU-2026:10813-1
OPENSUSE-SU-2026:10863-1
OPENSUSE-SU-2026:10864-1
OPENSUSE-SU-2026:21168-1

Affected Products

Firefox
Rocky Linux
Thunderbird