CVE-2026-4689
Received
Received - Intake
Integer Overflow in Firefox XPCOM Enables Sandbox Escape
Publication date: 2026-03-24
Last updated on: 2026-04-13
Assigner: Mozilla Corporation
Description
Description
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mozilla | firefox | to 149.0 (exc) |
| mozilla | firefox | to 115.34.0 (exc) |
| mozilla | firefox | From 128.0 (inc) to 140.9.0 (exc) |
| mozilla | thunderbird | to 149.0 (exc) |
| mozilla | thunderbird | to 140.9.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
| CWE-190 | The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
How can this vulnerability impact me? :
Exploitation of this vulnerability could allow an attacker to escape the sandbox environment, potentially leading to unauthorized access or control beyond the intended restricted environment within Firefox.
Can you explain this vulnerability to me?
This vulnerability is a sandbox escape caused by incorrect boundary conditions and an integer overflow in the XPCOM component of Firefox. It affects versions of Firefox earlier than 149, Firefox ESR earlier than 115.34, and Firefox ESR earlier than 140.9.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70