PT-2026-2639 · Mozilla+4 · Firefox Esr+5

Mingi Jung

Published

2026-01-13

Updated

2026-03-18

CVE-2026-0877

CVSS v2.0

9.4

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Firefox ESR versions prior to 115.32 Firefox ESR versions prior to 140.7

Description A mitigation bypass exists in the DOM Security component of Firefox. This issue could allow bypassing security mitigations.

Recommendations Update Firefox to a version newer than 146. Update Firefox ESR to a version newer than 115.31. Update Firefox ESR to a version newer than 140.6.

Fix

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-693

Related Identifiers

ALSA-2026:0667

ALSA-2026:0694

ALSA-2026:0924

ALSA-2026:2220

ALSA-2026:2271

ALSA-2026:2286

BDU:2026-03392

CVE-2026-0877

MGASA-2026-0013

MGASA-2026-0014

OESA-2026-1085

OESA-2026-1086

OESA-2026-1087

OESA-2026-1088

OESA-2026-1089

OESA-2026-1090

OESA-2026-1264

OESA-2026-1285

OPENSUSE-SU-2026:10037-1

OPENSUSE-SU-2026:10046-1

OPENSUSE-SU-2026:10058-1

OPENSUSE-SU-2026:20041-1

OPENSUSE-SU-2026:20391-1

RHSA-2026:0667

RHSA-2026:0694

RHSA-2026:0924

RHSA-2026:1320

RHSA-2026:1413

RHSA-2026:1414

RHSA-2026:1415

RHSA-2026:1461

RHSA-2026:1462

RHSA-2026:1471

RHSA-2026:1487

RHSA-2026:2041

RHSA-2026:2043

RHSA-2026:2044

RHSA-2026:2047

RHSA-2026:2069

RHSA-2026:2070

RHSA-2026:2073

RHSA-2026:2074

RHSA-2026:2220

RHSA-2026:2231

RHSA-2026:2271

RHSA-2026:2286

SUSE-SU-2026:0122-1

SUSE-SU-2026:0153-1

SUSE-SU-2026:0260-1

SUSE-SU-2026:20086-1

USN-7991-1

Affected Products

Firefox

Firefox Esr

Linuxmint

Red Os

Rocky Linux

Ubuntu

PT-2026-2639 · Mozilla+4 · Firefox Esr+5

CVE-2026-0877

Weakness Enumeration

Related Identifiers

Affected Products

References · 320