CVE-2022-26485

HIGH KEV

Firefox < 97.0.2 - Use After Free

Title source: llm

Exploitation Summary

CVE-2022-26485 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 7, 2022. EIP tracks 1 public exploit from researchers including mistymntncop.

AI-analyzed exploit summary: The repository contains only a README file with minimal information about CVE-2022-26485, mentioning it was tested against Firefox 78.0 on Windows. No exploit code or technical details are provided.

Description

Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.

Exploits (1)

nomisec STUB 19 stars
by mistymntncop · client-side
https://github.com/mistymntncop/CVE-2022-26485

Classification: Stub 30%
Attack Type: Other
Complexity: Trivial
Reliability: Theoretical
Target: Firefox 78.0 (Windows)
No auth needed
Prerequisites: Firefox 78.0 on Windows
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 8.8
EPSS 0.1426
EPSS Percentile 96.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact total

Details

CISA KEV 2022-03-07
VulnCheck KEV 2022-03-05
InTheWild.io 2022-03-07
ENISA EUVD EUVD-2022-31043
CWE CWE-416
Status published
Products (5)
mozilla/firefox < 91.6.1
mozilla/firefox < 97.0.2
mozilla/firefox < 97.3.0
mozilla/firefox_focus < 97.3.0
mozilla/thunderbird < 91.6.2
Published Dec 22, 2022
KEV Added Mar 07, 2022
Tracked Since Feb 18, 2026