Mozilla Foundation Security Advisory 2026-14

#CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component

Reporter

Igor Morgenstern

Impact

high

References

• Bug 2001637

#CVE-2026-2758: Use-after-free in the JavaScript: GC component

Reporter

Gary Kwong

Impact

high

References

• Bug 2009608

#CVE-2026-2759: Incorrect boundary conditions in the Graphics: ImageLib component

Reporter

stevej

Impact

high

References

• Bug 2010933

#CVE-2026-2760: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component

Reporter

Oskar L

Impact

high

References

• Bug 2011062

#CVE-2026-2761: Sandbox escape in the Graphics: WebRender component

Reporter

Oskar L

Impact

high

References

• Bug 2011063

#CVE-2026-2763: Use-after-free in the JavaScript Engine component

Reporter

Information to follow

Impact

high

References

• Bug 2012018

#CVE-2026-2764: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component

Reporter

Information to follow

Impact

high

References

• Bug 2012608

#CVE-2026-2769: Use-after-free in the Storage: IndexedDB component

Reporter

Information to follow

Impact

high

References

• Bug 2014550

#CVE-2026-2770: Use-after-free in the DOM: Bindings (WebIDL) component

Reporter

Information to follow

Impact

high

References

• Bug 2014585

#CVE-2026-2771: Undefined behavior in the DOM: Core & HTML component

Reporter

Information to follow

Impact

high

References

• Bug 2014593

#CVE-2026-2772: Use-after-free in the Audio/Video: Playback component

Reporter

Information to follow

Impact

high

References

• Bug 2014827

#CVE-2026-2773: Incorrect boundary conditions in the Web Audio component

Reporter

Information to follow

Impact

high

References

• Bug 2014832

#CVE-2026-2774: Integer overflow in the Audio/Video component

Reporter

Information to follow

Impact

high

References

• Bug 2014883

#CVE-2026-2775: Mitigation bypass in the DOM: HTML Parser component

Reporter

Information to follow

Impact

high

References

• Bug 2015199

#CVE-2026-2776: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software

Reporter

Sajeeb Lohani

Impact

high

References

• Bug 2015266

#CVE-2026-2777: Privilege escalation in the Messaging System component

Reporter

Richard Belisle

Impact

high

References

• Bug 2015305

#CVE-2026-2778: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component

Reporter

Sajeeb Lohani

Impact

high

References

• Bug 2016358

#CVE-2026-2787: Use-after-free in the DOM: Window and Location component

Reporter

Information to follow

Impact

moderate

References

• Bug 2014560

#CVE-2026-2788: Incorrect boundary conditions in the Audio/Video: GMP component

Reporter

Information to follow

Impact

moderate

References

• Bug 2014824

#CVE-2026-2789: Use-after-free in the Graphics: ImageLib component

Reporter

Information to follow

Impact

moderate

References

• Bug 2015179

#CVE-2026-2793: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148

Reporter

Andrew McCreight, Christian Holler

Impact

high

Description

Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

• Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148