PT-2026-38429 · Mozilla · Firefox+2

Published

2026-05-07

Updated

2026-05-15

CVE-2026-8091

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 150 Thunderbird versions prior to 150 Firefox ESR versions prior to 140.10.2 Firefox ESR versions prior to 115.35.2

Description Incorrect boundary conditions exist in the Audio/Video: Playback component.

Recommendations Update to version 150 for Firefox. Update to version 150 for Thunderbird. Update to version 140.10.2 for Firefox ESR. Update to version 115.35.2 for Firefox ESR.

Fix

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

CVE-2026-8091

OESA-2026-2272

OESA-2026-2273

OESA-2026-2274

OESA-2026-2275

OPENSUSE-SU-2026:10720-1

Affected Products

Firefox

Firefox Esr

Thunderbird

PT-2026-38429 · Mozilla · Firefox+2

CVE-2026-8091

Weakness Enumeration

Related Identifiers

Affected Products

References · 37