Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 24 February 2026
RSS259 vulnerabilities published on 24 February 2026
Severity:
Old Firefox and Thunderbird versions open to network cache attack
CVE-2026-2791
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbir...
9.8
Firefox and Thunderbird: Malicious Web Pages Can Access Local Files
CVE-2026-2790
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thun...
9.8
Firefox and Thunderbird: Graphics ImageLib Crash Risk
CVE-2026-2789
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird <...
9.8
Firefox and Thunderbird: Audio/Video Files Can Crash Browser
CVE-2026-2788
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, ...
9.8
Firefox and Thunderbird: Data Leaked in Browser Window
CVE-2026-2787
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunder...
9.8
Firefox and Thunderbird: Memory Leak Causes Data Exposure
CVE-2026-2786
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird <...
9.8
Firefox and Thunderbird: Invalid Pointer Can Crash Browser
CVE-2026-2785
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird ...
9.8
Firefox and Thunderbird: Memory Corruption Risk Through Web Page Interaction
CVE-2026-2784
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < ...
9.8
Firefox and Thunderbird Privilege Escalation Risk in Netmonitor Component
CVE-2026-2782
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < ...
9.8
Firefox and Thunderbird Integer Overflow in Libraries Component
CVE-2026-2781
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird ...
9.8
Firefox, Thunderbird: Privilege Escalation in Netmonitor Component
CVE-2026-2780
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < ...
9.8
Firefox and Thunderbird: Malicious Website Can Steal User Data
CVE-2026-2779
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and ...
9.8
Firefox and Thunderbird: Privilege Escalation Risk from Messaging System
CVE-2026-2777
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbi...
9.8
Firefox and Thunderbird: Malicious Web Content Can Bypass Security Measures
CVE-2026-2775
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird ...
9.8
Firefox and Thunderbird Audio/Video Feature Can Be Exploited by Malicious Code
CVE-2026-2774
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148,...
9.8
Firefox and Thunderbird: Web Audio Component Can Crash Browser
CVE-2026-2773
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunder...
9.8
Firefox and Thunderbird: Audio/Video Playback Can Crash Browser
CVE-2026-2772
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbir...
9.8
Firefox and Thunderbird: Code Error Causes Unexpected Browser Behavior
CVE-2026-2771
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird...
9.8
Firefox and Thunderbird: Malicious Websites Can Crash Browser
CVE-2026-2770
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbi...
9.8
Firefox and Thunderbird: Malicious Web Content Can Crash Browser
CVE-2026-2767
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunder...
9.8
Firefox and Thunderbird: JavaScript engine can crash or run malicious code
CVE-2026-2766
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderb...
9.8
Firefox and Thunderbird Use-after-free Bug Exposes Sensitive Data
CVE-2026-2765
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird <...
9.8
Firefox and Thunderbird: JavaScript Engine Can Crash or Execute Malicious Code
CVE-2026-2764
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ES...
9.8
Firefox and Thunderbird: Use-after-free in JavaScript Engine
CVE-2026-2763
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < ...
9.8
Firefox and Thunderbird: Integer Overflow in Standard Library Exposes Sensitive Data
CVE-2026-2762
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and ...
9.8