Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Firefox for Android: Malicious Audio/Video Can Crash App
CVE-2026-3845
Summary
Firefox for Android versions prior to 148.0.2 are susceptible to a flaw where malicious audio or video content can cause the app to crash or potentially execute unauthorized code. This affects users who listen to or view untrusted audio or video. Update to the latest version of Firefox for Android to resolve this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| mozilla | firefox | <= 148.0.2 | – |
Original title
Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2.
Original description
Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2.
nvd CVSS3.1
8.8
Vulnerability type
CWE-122
Heap-based Buffer Overflow
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026