CVE-2026-6786 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: April 26, 2026
Mozilla Firefox & Thunderbird - Remote Code Execution
Overview
Mozilla Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149, and Thunderbird 149 contain memory safety bugs caused by memory corruption, letting attackers potentially execute arbitrary code, exploit requires successful memory corruption.
Severity & Score
Impact
Attackers can exploit memory corruption to execute arbitrary code, potentially leading to full system compromise.
Mitigation
Update to Firefox 150, Firefox ESR 140.10, Thunderbird 150, or Thunderbird 140.10.
References
- https://bugzilla.mozilla.org/buglist.cgi
- https://www.mozilla.org/security/advisories/mfsa2026-30/
- https://www.mozilla.org/security/advisories/mfsa2026-32/
- https://www.mozilla.org/security/advisories/mfsa2026-33/
- https://www.mozilla.org/security/advisories/mfsa2026-34/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=2010727%2C2019004%2C2019224%2C2019547%2C2020378%2C2022381%2C2022608%2C2022785%2C2023120%2C2023128%2C2023140%2C2023279%2C2023836%2C2023882%2C2023925%2C2023950%2C2023959%2C2023965%2C2024243%2C2024245%2C2024247%2C2024253%2C2024346%2C2024357%2C2024416%2C2024420%2C2024429%2C2024432%2C2024455%2C2024466%2C2024468%2C2024476%2C2024664%2C2024666%2C2024669%2C2024670%2C2024671%2C2024761%2C2024918%2C2025292%2C2025332%2C2025348%2C2025384%2C2025395%2C2025458%2C2025461%2C2025463%2C2025481%2C2025483%2C2025485%2C2025494%2C2025506%2C2025511%2C2025513%2C2025520%2C2026277%2C2026282%2C2026288%2C2026289%2C2026311%2C2026312%2C2026869%2C2027152%2C2027161%2C2027238%2C2027261%2C2027269%2C2027274%2C2027280%2C2027281%2C2027300%2C2027302%2C2027331%2C2027339%2C2027340%2C2027738%2C2027975%2C2028000%2C2028011%2C2028289%2C2028525%2C2028728%2C2028887%2C2028888%2C2028896%2C2029063%2C2029064%2C2029290%2C2029291%2C2029294%2C2029300%2C2029304%2C2029316%2C2029317%2C2029401%2C2029415%2C2029430%2C2029457%2C2029727%2C2029735%2C2029743%2C2029752%2C2029754%2C2029776%2C2029809%2C2030324%2C2030370
Social Media Activity(2 posts)
š CVE-2026-6786 - High (8.1) Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run ... š https://www.thehackerwire.com/vulnerability/CVE-2026-6786/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-6786 - High (8.1) Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run ... š https://www.thehackerwire.com/vulnerability/CVE-2026-6786/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-6786
- Severity
- High
- CVSS Score
- 8.1
- Type
- undefined
- Status
- new
- EPSS
- 4.6%
- Social Posts
- 2
CWE
- CWE-125
CVSS Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H