HIGHCVE-2026-8090Published Modified CNA mozilla
CVE-2026-8090: Use-after-free in the DOM: Networking component
Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.
Metrics
- CVSS v3.1
- 7.3
- Severity
- HIGH
- Fixed in
- 115.35.2
- Affected Products
- 2
Fix available
115.35.2140.10.2150.0.2
Affected packages
- Mozilla / FirefoxFixed in 115.35.2, 140.10.2, 150.0.2
- Mozilla / ThunderbirdFixed in 140.10.2, 150.0.2
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L