5.4
CVE-2026-2804 - Use-after-free in the JavaScript: WebAssembly component
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
9.8
CVE-2026-2805 - Invalid pointer in the DOM: Core & HTML component
Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
7.5
CVE-2026-2803 - Information disclosure, mitigation bypass in the Settings UI component
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
4.2
CVE-2026-2802 - Race condition in the JavaScript: GC component
Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
9.8
CVE-2026-2800 - Spoofing issue in the WebAuthn component in Firefox for Android
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
7.5
CVE-2026-2801 - Incorrect boundary conditions in the JavaScript: WebAssembly component
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
8.8
CVE-2026-2798 - Use-after-free in the DOM: Core & HTML component
Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
8.8
CVE-2026-2799 - Use-after-free in the DOM: Core & HTML component
Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
8.8
CVE-2026-2797 - Use-after-free in the JavaScript: GC component
Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
9.8
CVE-2026-2796 - JIT miscompilation in the JavaScript: WebAssembly component
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.