ГлавнаяУязвимости → CVE-2026-4689
10критическая

CVE-2026-4689

Описание

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Затрагиваемое ПО
Mozilla FirefoxMozilla Thunderbird
CVSS
Балл10 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://bugzilla.mozilla.org/show_bug.cgi?id=2016374https://www.mozilla.org/security/advisories/mfsa2026-20/https://www.mozilla.org/security/advisories/mfsa2026-21/https://www.mozilla.org/security/advisories/mfsa2026-22/https://www.mozilla.org/security/advisories/mfsa2026-23/https://www.mozilla.org/security/advisories/mfsa2026-24/https://access.redhat.com/errata/RHSA-2026:5930https://access.redhat.com/errata/RHSA-2026:5931