Mozilla Foundation Security Advisory 2026-45
Security Vulnerabilities fixed in Firefox 150.0.3
- Announced
- May 12, 2026
- Impact
- high
- Products
- Firefox
- Fixed in
-
- Firefox 150.0.3
#CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component
- Reporter
- ggwhyp
- Impact
- high
References
#CVE-2026-8389: JIT miscompilation in the JavaScript Engine: JIT component
- Reporter
- ggwhyp
- Impact
- high
References
#CVE-2026-8390: Use-after-free in the JavaScript: WebAssembly component
- Reporter
- OpenAI Preparedness, Bill Demirkapi
- Impact
- high
References
#CVE-2026-8391: Other issue in the JavaScript Engine component
- Reporter
- ggwhyp
- Impact
- high
References
#CVE-2026-8401: Sandbox escape in the Profile Backup component
- Reporter
- ggwhyp
- Impact
- high