Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-8094: Firefox ESR: WebRTC Security Risk in Older Versions

CVE-2026-8094

Summary

Older versions of Firefox ESR may be at risk of a security issue in the WebRTC component. This means that an attacker could potentially exploit a weakness in the software to gain unauthorized access. To fix this issue, update to Firefox ESR 140.10.2 or later.

Original title

Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.

Original description

Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.

Vulnerability type

CWE-94 Code Injection

https://bugzilla.mozilla.org/show_bug.cgi?id=2035939
https://www.mozilla.org/security/advisories/mfsa2026-41/
https://www.mozilla.org/security/advisories/mfsa2026-44/

Published: 7 May 2026 · Updated: 23 May 2026 · First seen: 7 May 2026