Skip to main content

Firefox Esr CVE-2026-5732

| EUVDEUVD-2026-19611 HIGH
Integer Overflow or Wraparound (CWE-190)
2026-04-07 mozilla GHSA-mj57-mxq8-qvw9
8.8
CVSS 3.1 · Vendor: mozilla
Share

Severity by source

Vendor (mozilla) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SUSE
HIGH
qualitative
Red Hat
8.8 HIGH
qualitative

Primary rating from Vendor (mozilla).

CVSS VectorVendor: mozilla

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:05 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
140.9.1,149.0.2
EUVD ID Assigned
Apr 07, 2026 - 13:00 euvd
EUVD-2026-19611
Analysis Generated
Apr 07, 2026 - 13:00 vuln.today
CVE Published
Apr 07, 2026 - 12:43 nvd
HIGH 8.8

DescriptionCVE.org

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability affects Firefox < 149.0.2 and Firefox ESR < 140.9.1.

AnalysisAI

Integer overflow in Firefox and Firefox ESR text rendering engine allows remote attackers to achieve arbitrary code execution via specially crafted web content. Affects Firefox versions prior to 149.0.2 and Firefox ESR prior to 140.9.1. Attack requires user interaction (visiting malicious webpage) but no authentication. CVSS 8.8 (High severity). No public exploit identified at time of analysis, though the vulnerability class (integer overflow leading to buffer overflow) is well-understood and exploitable.

Technical ContextAI

This vulnerability resides in Firefox's Graphics: Text component, which handles text layout, rendering, and typography operations in the browser engine. The issue is rooted in CWE-190 (Integer Overflow or Wraparound), where arithmetic operations on text processing parameters can exceed maximum representable values, leading to incorrect memory allocation sizes. When combined with improper boundary condition checks, this integer overflow can cascade into a buffer overflow condition. The Graphics: Text subsystem is critical for rendering all textual content in web pages, making it a high-value attack surface. Integer overflows in graphics rendering have historically been exploited to achieve memory corruption primitives that enable arbitrary code execution in the browser's security context.

RemediationAI

Vendor-released patch: Firefox 149.0.2 and Firefox ESR 140.9.1. Organizations should immediately upgrade Firefox installations to version 149.0.2 or later for standard release channel users, and Firefox ESR 140.9.1 or later for Extended Support Release deployments. Patches address the integer overflow condition in the Graphics: Text component through improved boundary checking and integer arithmetic validation. Updates can be obtained through Firefox's built-in automatic update mechanism, enterprise deployment tools (MSI/PKG installers), or direct download from Mozilla. No workarounds are available for this vulnerability; patching is the only effective remediation. Detailed patch information and deployment guidance available in Mozilla Foundation Security Advisories MFSA2026-25 (https://www.mozilla.org/security/advisories/mfsa2026-25/) and MFSA2026-27 (https://www.mozilla.org/security/advisories/mfsa2026-27/). Administrators should verify Firefox version compliance across endpoints using enterprise management tools or Firefox's about:support diagnostic page.

CVE-2020-26950 HIGH POC
8.8 Dec 09

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable

CVE-2026-4689 CRITICAL POC
10.0 Mar 24

A sandbox escape vulnerability exists in Firefox's XPCOM component due to incorrect boundary conditions and integer over

CVE-2022-29917 CRITICAL POC
9.8 Dec 22

Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bug

CVE-2014-1568 HIGH
7.5 Sep 25

Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozi

CVE-2022-26384 CRITICAL POC
9.6 Dec 22

If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scri

CVE-2022-34484 HIGH POC
8.8 Dec 22

The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Rated high severity (CVSS 8.8)

CVE-2022-28281 HIGH POC
8.8 Dec 22

If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent pr

CVE-2022-26381 HIGH POC
8.8 Dec 22

An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploi

CVE-2022-22756 HIGH POC
8.8 Dec 22

If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been

CVE-2022-22740 HIGH POC
8.8 Dec 22

Certain network request objects were freed too early when releasing a network request handle. Rated high severity (CVSS

CVE-2022-22738 HIGH POC
8.8 Dec 22

Applying a CSS filter effect could have accessed out of bounds memory. Rated high severity (CVSS 8.8), this vulnerabilit

CVE-2021-29988 HIGH POC
8.8 Aug 17

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Liberty Linux 10 Fixed
SUSE Liberty Linux 8 Fixed
SUSE Liberty Linux 9 Fixed
SUSE Linux Enterprise Desktop 15 SP7 SUSE Linux Enterprise Server 15 SP7 SUSE Linux Enterprise Server for SAP Applications 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS Fixed

Share

CVE-2026-5732 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy