CVE-2026-0884 | THREATINT

Description

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PUBLISHED Reserved 2026-01-13 | Published 2026-01-13 | Updated 2026-01-15 | Assigner mozilla

Product status

Any version before 147

affected

Any version before 140.7

affected

Any version before 147

affected

Any version before 140.7

affected

Credits

Gary Kwong and Nan Wang

References

bugzilla.mozilla.org/show_bug.cgi?id=2003588

www.mozilla.org/security/advisories/mfsa2026-01/

www.mozilla.org/security/advisories/mfsa2026-03/

www.mozilla.org/security/advisories/mfsa2026-04/

www.mozilla.org/security/advisories/mfsa2026-05/

cve.org (CVE-2026-0884)

nvd.nist.gov (CVE-2026-0884)

Download JSON

help @ threatint.eu