Firefox NSS CVE-2026-6766

| EUVD-2026-24107 HIGH
Improper Check for Unusual or Exceptional Conditions (CWE-754)
2026-04-21 mozilla GHSA-q6qg-6fmg-jjcv
Information Disclosure Mozilla
7.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Updated
Apr 22, 2026 - 00:36 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Apr 22, 2026 - 00:22 vuln.today
cvss_changed
Analysis Generated
Apr 21, 2026 - 17:23 vuln.today
CVSS changed
Apr 21, 2026 - 17:22 NVD
7.5 (HIGH)

DescriptionNVD

Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

AnalysisAI

Remote information disclosure in Mozilla Network Security Services (NSS) library allows unauthenticated attackers to extract high-sensitivity data via network requests with no user interaction. Affects Firefox versions prior to 150 and Firefox ESR prior to 140.10. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all Firefox installations running versions prior to 150 and Firefox ESR prior to 140.10 across your organization. Within 7 days: Deploy Firefox 150 or Firefox ESR 140.10 (or later) to all affected systems via your standard patch management process. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-6766 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy