CVE-2026-2788 | THREATINT

Description

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

PUBLISHED Reserved 2026-02-19 | Published 2026-02-24 | Updated 2026-02-24 | Assigner mozilla

Product status

Any version before 148

affected

Any version before 115.33

affected

Any version before 140.8

affected

Any version before 148

affected

Any version before 140.8

affected

Credits

Information to follow

References

bugzilla.mozilla.org/show_bug.cgi?id=2014824

www.mozilla.org/security/advisories/mfsa2026-13/

www.mozilla.org/security/advisories/mfsa2026-14/

www.mozilla.org/security/advisories/mfsa2026-15/

www.mozilla.org/security/advisories/mfsa2026-16/

www.mozilla.org/security/advisories/mfsa2026-17/

cve.org (CVE-2026-2788)

nvd.nist.gov (CVE-2026-2788)

Download JSON