PT-2026-21728 · Mozilla · Thunderbird+1
X0E
·
Published
2026-02-24
·
Updated
2026-03-01
·
CVE-2026-2795
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 148
Thunderbird versions prior to 148
Description
A use-after-free issue exists in the JavaScript: GC component. This condition can occur when memory is accessed after it has been freed, potentially leading to crashes or arbitrary code execution.
Recommendations
Update Firefox to version 148 or later.
Update Thunderbird to version 148 or later.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Firefox
Thunderbird