CVE-2026-7321

CVSS v3.1

9.6

Critical

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 150 Thunderbird versions prior to 150 Firefox ESR versions prior to 140.10.1

Description A sandbox escape exists in the WebRTC: Networking component caused by incorrect boundary conditions. A sandbox is a security mechanism used to separate running programs from the rest of the system to prevent malicious code from accessing sensitive data or resources.

Recommendations Update Firefox to version 150. Update Thunderbird to version 150. Update Firefox ESR to version 140.10.1.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

ALSA-2026:19153

ALSA-2026:19157

ALSA-2026:19348

ALSA-2026:19370

ALSA-2026:19588

ALSA-2026:20586

CVE-2026-7321

OESA-2026-2132

OESA-2026-2133

OESA-2026-2134

OESA-2026-2246

OESA-2026-2275

OPENSUSE-SU-2026:10661-1

OPENSUSE-SU-2026:10687-1

RHSA-2026:19153

RHSA-2026:19157

RHSA-2026:19348

RHSA-2026:19370

RHSA-2026:19588

RHSA-2026:20586

RHSA-2026:21743

Affected Products

Firefox

Firefox Esr

Rocky Linux

Thunderbird

CVE-2026-7321

Weakness Enumeration

Related Identifiers

Affected Products

References · 123