Home / Vulnerability Intelligence / CVE-2026-3845

CVE-2026-3845 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 11, 2026

Firefox for Android - Buffer Overflow

Published: March 10, 2026Updated: March 11, 2026Remote Exploitable

Overview

Firefox for Android < 148.0.2 contains a heap buffer overflow caused by a flaw in the Audio/Video: Playback component, letting attackers cause memory corruption or potential code execution, exploit requires crafted media input.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 3.9%(Probability of exploitation in next 30 days)

Impact

Attackers can cause memory corruption leading to potential remote code execution or application crash.

Mitigation

Update to version 148.0.2 or later.

References

Social Media Activity(2 posts)

TheHackerWire

@thehackerwire

Mar 10, 2026

🟠 CVE-2026-3845 - High (8.8) Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3845/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 10, 2026

View original post

Related Resources

Details

CVE ID: CVE-2026-3845
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: unconfirmed
EPSS: 3.9%
Social Posts: 2

CWE

CWE-122

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

3.9%Probability of exploitation in the next 30 days