PT-2026-35737 · Mozilla+1 · Firefox Esr+2

Mozilla Fuzzing Team

+2

·

Published

2026-04-28

·

Updated

2026-05-26

·

CVE-2026-7323

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Firefox ESR version 140.10.0 Firefox version 150.0.0
Description Memory safety bugs exist that exhibit evidence of memory corruption, which could potentially be exploited to execute arbitrary code.
Recommendations Update Firefox ESR to version 140.10.1. Update Firefox to version 150.0.1.

Fix

DoS

Memory Corruption

Buffer Overflow

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALSA-2026:19153
ALSA-2026:19157
ALSA-2026:19348
ALSA-2026:19370
ALSA-2026:19588
ALSA-2026:20586
BDU:2026-07461
CVE-2026-7323
OESA-2026-2132
OESA-2026-2133
OESA-2026-2134
OESA-2026-2246
OESA-2026-2275
OPENSUSE-SU-2026:10661-1
OPENSUSE-SU-2026:10668-1
OPENSUSE-SU-2026:10687-1
RHSA-2026:19153
RHSA-2026:19157
RHSA-2026:19348
RHSA-2026:19370
RHSA-2026:19588

Affected Products

Firefox
Firefox Esr
Rocky Linux