FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Firefox -- Multiple vulnerabilities

Affected packages
firefox < 148.0.0,2
thunderbird < 148.0.0

Details

VuXML ID 1124a7b0-1338-11f1-a55d-b42e991fc52e
Discovery 2026-02-24
Entry 2026-02-26

CVE-2026-2807: Memory safety bugs present in Firefox 147 and Thunderbird 147

CVE-2026-2806: Uninitialized memory in the Graphics: Text component.

CVE-2026-2805: Invalid pointer in the DOM: Core & HTML component.

CVE-2026-2804: Use-after-free in the JavaScript: WebAssembly component.

CVE-2026-2803: Information disclosure, mitigation bypass in the Settings UI component.

CVE-2026-2802: Race condition in the JavaScript: GC component.

CVE-2026-2801: Incorrect boundary conditions in the JavaScript: WebAssembly component.

CVE-2026-2799: Use-after-free in the DOM: Core & HTML component.

CVE-2026-2798: Use-after-free in the DOM: Core & HTML component.

CVE-2026-2797: Use-after-free in the JavaScript: GC component.

CVE-2026-2796: JIT miscompilation in the JavaScript: WebAssembly component

CVE-2026-2795: Use-after-free in the JavaScript: GC component.

References

CVE Name CVE-2026-2795
CVE Name CVE-2026-2796
CVE Name CVE-2026-2797
CVE Name CVE-2026-2798
CVE Name CVE-2026-2799
CVE Name CVE-2026-2801
CVE Name CVE-2026-2802
CVE Name CVE-2026-2803
CVE Name CVE-2026-2804
CVE Name CVE-2026-2805
CVE Name CVE-2026-2806
CVE Name CVE-2026-2807

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.