PT-2026-33970 · Mozilla · Firefox+1

Published

2026-04-21

Updated

2026-05-25

CVE-2026-6784

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox version 149 Thunderbird version 149

Description Memory safety bugs involving memory corruption and out-of-bounds reads exist in the software. These issues could allow an unauthenticated remote attacker to execute arbitrary code on the system via a malicious website.

Recommendations Update Firefox to version 150. Update Thunderbird to version 150.

Fix

RCE

DoS

Use After Free

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-787CWE-125

Related Identifiers

BDU:2026-06957

CVE-2026-6784

OPENSUSE-SU-2026:10626-1

Affected Products

Firefox

Thunderbird

PT-2026-33970 · Mozilla · Firefox+1

CVE-2026-6784

Weakness Enumeration

Related Identifiers

Affected Products

References · 59