PT-2026-27423 · Mozilla · Thunderbird+1

Jun Yang

·

Published

2026-03-24

·

Updated

2026-03-29

·

CVE-2026-4725

CVSS v3.1

10

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Thunderbird versions prior to 149
Description A security issue exists due to a use-after-free condition within the Graphics: Canvas2D component. This can lead to a sandbox escape.
Recommendations Update Firefox to version 149 or later. Update Thunderbird to version 149 or later.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2026-4725
OPENSUSE-SU-2026:10458-1

Affected Products

Firefox
Thunderbird