CVE-2026-2757
Discovered by AISLEPUBLISHED
Description
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
CVSS Base Scores
CVSS v3.1(Primary)
9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Version | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified | affected |
| Mozilla | Firefox ESR | unspecified | affected |
| Mozilla | Thunderbird | unspecified | affected |
Credits
- Igor Morgenstern
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=2001637
- https://www.mozilla.org/security/advisories/mfsa2026-13/
- https://www.mozilla.org/security/advisories/mfsa2026-14/
- https://www.mozilla.org/security/advisories/mfsa2026-15/
- https://www.mozilla.org/security/advisories/mfsa2026-16/
- https://www.mozilla.org/security/advisories/mfsa2026-17/