PT-2026-27393 · Mozilla · Firefox+2

Sajeeb Lohani

·

Published

2026-01-01

·

Updated

2026-04-17

·

CVE-2026-4694

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 115.34 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9
Description An integer overflow exists within the Graphics component due to incorrect boundary conditions. This condition could potentially lead to unexpected behavior or compromise system integrity.
Recommendations Update Firefox to version 149 or later. Update Firefox ESR to version 115.34 or later. Update Firefox ESR to version 140.9 or later. Update Thunderbird to version 149 or later. Update Thunderbird to version 140.9 or later.

Fix

Improper Check for Exceptional Conditions

Integer Overflow

Weakness Enumeration

CWE-754CWE-190

Related Identifiers

ALSA-2026:5930
ALSA-2026:5931
ALSA-2026:5932
ALSA-2026:6188
ALSA-2026:6342
ALSA-2026:6917
BDU:2026-04808
CVE-2026-4694
MGASA-2026-0080
MGASA-2026-0081
OESA-2026-1705
OESA-2026-1706
OESA-2026-1707
OESA-2026-1708
OESA-2026-1709
OESA-2026-1993
OESA-2026-1994
OPENSUSE-SU-2026:10413-1
OPENSUSE-SU-2026:10447-1
OPENSUSE-SU-2026:10458-1
OPENSUSE-SU-2026:20439-1
RHSA-2026:5930
RHSA-2026:5931
RHSA-2026:5932
RHSA-2026:6188
RHSA-2026:6342
RHSA-2026:6917
RHSA-2026:7837
RHSA-2026:7838
RHSA-2026:7839
RHSA-2026:7840
RHSA-2026:7841
RHSA-2026:7842
RHSA-2026:7843
RHSA-2026:7845
RHSA-2026:7858
RHSA-2026:8284
RHSA-2026:8285
RHSA-2026:8286
RHSA-2026:8287
RHSA-2026:8288
RHSA-2026:8289
RHSA-2026:8290
RHSA-2026:8315
RHSA-2026:8427
RHSA-2026:8850
SUSE-SU-2026:1126-1
SUSE-SU-2026:1127-1
SUSE-SU-2026:1163-1
SUSE-SU-2026:20978-1

Affected Products

Firefox
Firefox Esr
Thunderbird