PT-2026-21714 · Mozilla+5 · Firefox+7

Clay Ver Valen

·

Published

2026-01-01

·

Updated

2026-05-08

·

CVE-2026-2781

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8
Description An integer overflow exists within the Libraries component of NSS. This issue may lead to unexpected behavior or potentially allow for malicious actions.
Recommendations Update Firefox to version 148 or later. Update Firefox ESR to version 140.8 or later. Update Thunderbird to version 148 or later. Update Thunderbird to version 140.8 or later.

Fix

DoS

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2026:3338
ALSA-2026:3339
ALSA-2026:3361
ALSA-2026:3515
ALSA-2026:3516
ALSA-2026:3517
BDU:2026-07229
CVE-2026-2781
ECHO-C6C4-6D91-E895
MGASA-2026-0052
OESA-2026-1471
OESA-2026-1472
OESA-2026-1473
OESA-2026-1474
OESA-2026-1539
OESA-2026-1540
OPENSUSE-SU-2026:10242-1
OPENSUSE-SU-2026:10248-1
OPENSUSE-SU-2026:10257-1
OPENSUSE-SU-2026:20365-1
OPENSUSE-SU-2026:20391-1
RHSA-2026:3338
RHSA-2026:3339
RHSA-2026:3361
RHSA-2026:3491
RHSA-2026:3492
RHSA-2026:3493
RHSA-2026:3494
RHSA-2026:3495
RHSA-2026:3496
RHSA-2026:3497
RHSA-2026:3515
RHSA-2026:3516
RHSA-2026:3517
RHSA-2026:3976
RHSA-2026:3978
RHSA-2026:3979
RHSA-2026:3980
RHSA-2026:3981
RHSA-2026:3982
RHSA-2026:3983
RHSA-2026:3984
RHSA-2026:4022
RHSA-2026:4152
RHSA-2026:4260
RHSA-2026:4432
SUSE-SU-2026:0740-1
SUSE-SU-2026:0812-1
SUSE-SU-2026:0813-1
SUSE-SU-2026:0814-1
SUSE-SU-2026:0871-1
SUSE-SU-2026:0880-1
USN-8071-1
USN-8071-2

Affected Products

Firefox
Firefox Esr
Linuxmint
Nss
Red Os
Rocky Linux
Thunderbird
Ubuntu