Mozilla Foundation Security Advisory 2026-02
Security Vulnerabilities fixed in Firefox ESR 115.32
- Announced
- January 13, 2026
- Impact
- high
- Products
- Firefox ESR
- Fixed in
-
- Firefox ESR 115.32
#CVE-2026-0877: Mitigation bypass in the DOM: Security component
- Reporter
- mingijung
- Impact
- high
References
#CVE-2026-0879: Sandbox escape due to incorrect boundary conditions in the Graphics component
- Reporter
- Oskar L
- Impact
- high
References
#CVE-2026-0880: Sandbox escape due to integer overflow in the Graphics component
- Reporter
- Oskar L
- Impact
- high
References
#CVE-2026-0882: Use-after-free in the IPC component
- Reporter
- Randell Jesup
- Impact
- high
References
#CVE-2026-0886: Incorrect boundary conditions in the Graphics component
- Reporter
- Oskar L
- Impact
- moderate