Описание
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code.
Below is a complete list of vulnerabilities:
- Denial of service vulnerability in the Audio/Video: Web Codecs component can be exploited remotely to cause denial of service.
- Denial of service vulnerability in the JavaScript Engine: JIT component can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in the DOM: Bindings (WebIDL) component can be exploited remotely to execute arbitrary code.
- Denial of service vulnerability in the JavaScript Engine component can be exploited remotely to cause denial of service.
- Security vulnerability in the Profile Backup component can be exploited to bypass security restrictions.
- A remote code execution vulnerability in the Disability Access APIs component can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Thunderbird 140 can be exploited remotely to execute arbitrary code.
Первичный источник обнаружения
Эксплуатация
Связанные продукты
Список CVE
- CVE-2026-8388 high
- CVE-2026-8391 high
- CVE-2026-8401 critical
- CVE-2026-8946 critical
- CVE-2026-8947 high
- CVE-2026-8953 critical
- CVE-2026-8975 critical
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!