CVE-2026-2781 | THREATINT

Description

Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35.

PUBLISHED Reserved 2026-02-19 | Published 2026-02-24 | Updated 2026-04-21 | Assigner mozilla

Product status

115.35 (rpm)

unaffected

140.8 (rpm)

unaffected

148 (rpm)

unaffected

140.8 (rpm)

unaffected

148 (rpm)

unaffected

Credits

Clay Ver Valen

References

lists.debian.org/debian-lts-announce/2026/03/msg00012.html

bugzilla.mozilla.org/show_bug.cgi?id=2009552

www.mozilla.org/security/advisories/mfsa2026-13/

www.mozilla.org/security/advisories/mfsa2026-15/

www.mozilla.org/security/advisories/mfsa2026-16/

www.mozilla.org/security/advisories/mfsa2026-17/

www.mozilla.org/security/advisories/mfsa2026-31/

cve.org (CVE-2026-2781)

nvd.nist.gov (CVE-2026-2781)

Download JSON

help @ threatint.eu