Shodan
Vulnerabilities
Vulnerable Software
Mozilla:  >> Firefox  >> 10.0.5  Security Vulnerabilities
CVE-2026-4687
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
8.6
EPSS Score
0.004
Published
2026-03-24
CVE-2026-4688
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
10.0
EPSS Score
0.004
Published
2026-03-24
CVE-2026-4689
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
10.0
EPSS Score
0.007
Published
2026-03-24
CVE-2026-4690
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
8.6
EPSS Score
0.006
Published
2026-03-24
CVE-2026-4691
Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
9.8
EPSS Score
0.005
Published
2026-03-24
CVE-2026-2786
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.003
Published
2026-02-24
CVE-2026-2787
Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.004
Published
2026-02-24
CVE-2026-2788
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.004
Published
2026-02-24
CVE-2026-2789
Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.003
Published
2026-02-24
CVE-2026-2790
Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.002
Published
2026-02-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved