PT-2026-27388 · Mozilla · Firefox+2
Sajeeb Lohani
·
Published
2026-03-24
·
Updated
2026-03-24
·
CVE-2026-4689
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 149
Firefox ESR versions prior to 115.34
Firefox ESR versions prior to 140.9
Thunderbird versions prior to 149
Thunderbird versions prior to 140.9
Description
A sandbox escape is possible due to incorrect boundary conditions and an integer overflow within the XPCOM component. This issue could allow an attacker to bypass security restrictions.
Recommendations
Update Firefox to version 149 or later.
Update Firefox ESR to version 115.34 or later.
Update Firefox ESR to version 140.9 or later.
Update Thunderbird to version 149 or later.
Update Thunderbird to version 140.9 or later.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Firefox
Firefox Esr
Thunderbird