Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2026-8091: Firefox: Audio/Video playback can crash or be exploited
CVE-2026-8091
Summary
A bug in Firefox's audio and video playback component can cause the browser to crash or be exploited by attackers. This issue affects users who have not updated to the latest Firefox ESR versions. To fix the issue, update to Firefox ESR 140.10.2 or Firefox ESR 115.35.2.
Original title
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.3...
Original description
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2.
Vulnerability type
CWE-754
- https://bugzilla.mozilla.org/show_bug.cgi?id=2029301
- https://www.mozilla.org/security/advisories/mfsa2026-41/
- https://www.mozilla.org/security/advisories/mfsa2026-42/
- https://www.mozilla.org/security/advisories/mfsa2026-30/
- https://www.mozilla.org/security/advisories/mfsa2026-33/
- https://www.mozilla.org/security/advisories/mfsa2026-36/
- https://www.mozilla.org/security/advisories/mfsa2026-39/
Published: 7 May 2026 · Updated: 28 May 2026 · First seen: 7 May 2026