EUVD-2026-30924
GHSA-96x7-hrvx-gqj6
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionNVD
Privilege escalation in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 151.
AnalysisAI
Privilege escalation in Mozilla Firefox's WebRTC Audio/Video component allows remote attackers to elevate privileges within the browser context when a user is lured into interacting with a malicious page. The flaw carries a CVSS 8.8 with required user interaction and was addressed in Firefox 151; no public exploit identified at time of analysis and EPSS exploitation probability sits at 0.03% (8th percentile).
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Audit Firefox installations across your environment using endpoint management tools to identify scope and affected users. Within 7 days: Deploy Firefox 151 or later to all endpoints using your patch management system. …
Sign in for detailed remediation steps.
More from same product – last 7 days
SQL injection in Pimcore's CustomReportsBundle (versions ≤ 12.3.5) lets an authenticated user holding the reports_config
Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers
Vendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today