CVE-2026-4690 in Mozilla Firefoxinfo

Summary

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

Responsible

mozilla

Reservation

03/24/2026

Disclosure

03/24/2026

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
352739Mozilla Firefox XPCOM integer overflow190Not definedOfficial fixCVE-2026-4690

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!