PT-2026-27427 · Mozilla · Firefox+1

Christian Holler

Published

2026-03-24

Updated

2026-03-29

CVE-2026-4729

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Thunderbird versions prior to 149

Description Memory safety issues exist in Firefox 148 and Thunderbird 148. These bugs demonstrate evidence of memory corruption, and it is presumed that, with sufficient effort, they could potentially be exploited to execute arbitrary code.

Recommendations Update Firefox to version 149 or later. Update Thunderbird to version 149 or later.

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2026-4729

OPENSUSE-SU-2026:10458-1

Affected Products

Firefox

Thunderbird

PT-2026-27427 · Mozilla · Firefox+1

CVE-2026-4729

Weakness Enumeration

Related Identifiers

Affected Products

References · 57