FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Mozilla -- Multiple vulnerabilities

Affected packages
firefox < 149.0.0,2
thunderbird < 149.0.0

Details

VuXML ID 26c24872-2943-11f1-8461-b42e991fc52e
Discovery 2026-03-24
Entry 2026-03-26

CVE-2026-4729: Memory safety bugs

CVE-2026-4728: Spoofing issue in the Privacy: Anti-Tracking component.

CVE-2026-4727: Denial-of-service in the Libraries component in NSS.

CVE-2026-4726: Denial-of-service in the XML component.

CVE-2026-4725: Sandbox escape due to use-after-free in the Graphics: Canvas2D component.

CVE-2026-4724: Undefined behavior in the Audio/Video component.

CVE-2026-4723: Use-after-free in the JavaScript Engine component.

CVE-2026-4722: Privilege escalation in the IPC component.

References

CVE Name CVE-2026-4722
CVE Name CVE-2026-4723
CVE Name CVE-2026-4724
CVE Name CVE-2026-4725
CVE Name CVE-2026-4726
CVE Name CVE-2026-4727
CVE Name CVE-2026-4728
CVE Name CVE-2026-4729

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.