PT-2026-30823 · Mozilla+1 · Firefox+3

Sajeeb Lohani

·

Published

2026-04-07

·

Updated

2026-04-25

·

CVE-2026-5732

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149.0.2 Firefox ESR versions prior to 140.9.1 Thunderbird versions prior to 149.0.2 Thunderbird versions prior to 140.9.1
Description The software contains incorrect boundary conditions and an integer overflow within the Graphics: Text component.
Recommendations Update Firefox to version 149.0.2 or later. Update Firefox ESR to version 140.9.1 or later. Update Thunderbird to version 149.0.2 or later. Update Thunderbird to version 140.9.1 or later.

Fix

Integer Overflow

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2026:7671
ALSA-2026:7672
ALSA-2026:8052
ALSA-2026:8459
ALSA-2026:9345
ALSA-2026:9638
BDU:2026-04975
CVE-2026-5732
OESA-2026-1874
OESA-2026-1875
OESA-2026-1876
OESA-2026-1877
OESA-2026-1878
OESA-2026-2109
OPENSUSE-SU-2026:10501-1
OPENSUSE-SU-2026:10503-1
OPENSUSE-SU-2026:10511-1
OPENSUSE-SU-2026:20486-1
RHSA-2026:11805
RHSA-2026:11813
RHSA-2026:12264
RHSA-2026:13342
RHSA-2026:13412
RHSA-2026:13533
RHSA-2026:13582
RHSA-2026:13583
RHSA-2026:13596
RHSA-2026:13600
RHSA-2026:13665
RHSA-2026:13682
RHSA-2026:13683
RHSA-2026:13922
RHSA-2026:13977
RHSA-2026:14223
RHSA-2026:14303
RHSA-2026:15889
RHSA-2026:7671
RHSA-2026:7672
RHSA-2026:8052
RHSA-2026:8459
RHSA-2026:9345
RHSA-2026:9638
SUSE-SU-2026:1273-1
SUSE-SU-2026:1322-1
SUSE-SU-2026:1379-1
SUSE-SU-2026:21157-1

Affected Products

Firefox
Firefox Esr
Rocky Linux
Thunderbird