CVE-2026-2789 - Use-after-free in the Graphics: ImageLib component
CVE ID : CVE-2026-2789
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2789
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2790 - Same-origin policy bypass in the Networking: JAR component
CVE ID : CVE-2026-2790
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2790
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2791 - Mitigation bypass in the Networking: Cache component
CVE ID : CVE-2026-2791
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2791
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2792 - Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
CVE ID : CVE-2026-2792
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2792
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2793 - Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
CVE ID : CVE-2026-2793
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2793
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2794 - Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android
CVE ID : CVE-2026-2794
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2794
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2795 - Use-after-free in the JavaScript: GC component
CVE ID : CVE-2026-2795
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2795
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2796 - JIT miscompilation in the JavaScript: WebAssembly component
CVE ID : CVE-2026-2796
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2796
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2797 - Use-after-free in the JavaScript: GC component
CVE ID : CVE-2026-2797
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2797
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2798 - Use-after-free in the DOM: Core & HTML component
CVE ID : CVE-2026-2798
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2798
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2799 - Use-after-free in the DOM: Core & HTML component
CVE ID : CVE-2026-2799
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2799
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2800 - Spoofing issue in the WebAuthn component in Firefox for Android
CVE ID : CVE-2026-2800
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2800
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2801 - Incorrect boundary conditions in the JavaScript: WebAssembly component
CVE ID : CVE-2026-2801
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2801
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2802 - Race condition in the JavaScript: GC component
CVE ID : CVE-2026-2802
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2802
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2803 - Information disclosure, mitigation bypass in the Settings UI component
CVE ID : CVE-2026-2803
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2803
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2804 - Use-after-free in the JavaScript: WebAssembly component
CVE ID : CVE-2026-2804
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2804
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2805 - Invalid pointer in the DOM: Core & HTML component
CVE ID : CVE-2026-2805
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2805
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2806 - Uninitialized memory in the Graphics: Text component
CVE ID : CVE-2026-2806
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2806
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2807 - Memory safety bugs fixed in Firefox 148 and Thunderbird 148
CVE ID : CVE-2026-2807
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2807
Published : Feb. 24, 2026, 2:16 p.m. | 51 minutes ago
Description : Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-27567 - Payload has Server-Side Request Forgery (SSRF) in External File URL Uploads
CVE ID : CVE-2026-27567
Published : Feb. 24, 2026, 2:22 p.m. | 45 minutes ago
Description : Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an authenticated attacker to access internal network resources. The Payload environment must have at least one collection with `upload` enabled and a user who has `create` access to that upload-enabled collection in order to be vulnerable. An authenticated user with upload collection write permissions could potentially access internal services. Response content from internal services could be retrieved through the application. This vulnerability has been patched in v3.75.0. As a workaround, one may mitigate this vulnerability by disabling external file uploads via the `disableExternalFile` upload collection option, or by restricting `create` access on upload-enabled collections to trusted users only.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-27567
Published : Feb. 24, 2026, 2:22 p.m. | 45 minutes ago
Description : Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an authenticated attacker to access internal network resources. The Payload environment must have at least one collection with `upload` enabled and a user who has `create` access to that upload-enabled collection in order to be vulnerable. An authenticated user with upload collection write permissions could potentially access internal services. Response content from internal services could be retrieved through the application. This vulnerability has been patched in v3.75.0. As a workaround, one may mitigate this vulnerability by disabling external file uploads via the `disableExternalFile` upload collection option, or by restricting `create` access on upload-enabled collections to trusted users only.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3101 - Intelbras TIP 635G Ping os command injection
CVE ID : CVE-2026-3101
Published : Feb. 24, 2026, 2:32 p.m. | 35 minutes ago
Description : A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3101
Published : Feb. 24, 2026, 2:32 p.m. | 35 minutes ago
Description : A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...