CRITICALCVE-2026-0879Published Modified CNA mozilla
CVE-2026-0879: Sandbox escape due to incorrect boundary conditions in the Graphics component
Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- 115.32
- Affected Products
- 2
Fix available
115.32140.7147
Affected packages
- Mozilla / FirefoxFixed in 115.32, 140.7, 147
- Mozilla / ThunderbirdFixed in 140.7, 147
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H