CVE-2026-8974

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox versions 140.10 through 150 Thunderbird versions 140.10 through 150

Description Memory safety bugs involving memory corruption could allow an attacker to run arbitrary code.

Recommendations Update Firefox to version 151 or ESR 140.11. Update Thunderbird to version 151 or 140.11.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

ALSA-2026:21378

ALSA-2026:21380

ALSA-2026:21381

ALSA-2026:21382

ALSA-2026:22325

ALSA-2026:22643

CVE-2026-8974

OESA-2026-2392

OESA-2026-2393

OESA-2026-2394

OPENSUSE-SU-2026:10813-1

OPENSUSE-SU-2026:10863-1

OPENSUSE-SU-2026:10864-1

Firefox

Rocky Linux

Thunderbird