What is the CVSS score of EUVD-2026-30923?

EUVD-2026-30923 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Mozilla Firefox are affected by EUVD-2026-30923?

Mozilla Firefox 150 contains memory corruption vulnerabilities enabling remote code execution through malicious web pages, creating a risk of complete system compromise across your user base.. A patch is available.

Mozilla Firefox EUVD-2026-30923

| CVE-2026-8973 HIGH

Buffer Overflow (CWE-119)

2026-05-19 mozilla

GHSA-f4hm-8h94-gvp6

RCE Buffer Overflow Mozilla

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 20, 2026 - 17:27 vuln.today

Severity Changed

May 20, 2026 - 17:22 NVD

CRITICAL HIGH

CVSS changed

May 20, 2026 - 17:22 NVD

9.8 (CRITICAL) 8.8 (HIGH)

CVE Published

May 19, 2026 - 12:30 nvd

UNKNOWN (no severity yet)

DescriptionNVD

Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151.

AnalysisAI

Memory corruption vulnerabilities in Mozilla Firefox 150 could enable remote code execution when a user visits a maliciously crafted web page, with Mozilla acknowledging that some of the bugs showed evidence of memory corruption potentially exploitable for arbitrary code execution. The issue is resolved in Firefox 151 per Mozilla advisory MFSA2026-46/MFSA2026-50. …

RemediationAI

Within 24 hours: Identify and catalog all Firefox 150 installations across your organization. Within 7 days: Deploy Firefox 151 patch to all affected endpoints via your software deployment mechanism. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-44739 HIGH This Week

8.7 May 27

SQL injection in Pimcore's CustomReportsBundle (versions ≤ 12.3.5) lets an authenticated user holding the reports_config

Vendor StatusVendor

EUVD-2026-30923 vulnerability details – vuln.today

Back

Mozilla Firefox EUVD-2026-30923

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code