CVE-2026-5733

HIGH

Incorrect boundary conditions in the Graphics: WebGPU component

Title source: cna

Description

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 149.0.2 and Thunderbird 149.0.2.

Exploits (1)

nomisec SUSPICIOUS
by Lechansky · poc
https://github.com/Lechansky/CVE-2026-5733

References (3)

Scores

CVSS v3 8.8
EPSS 0.0004
EPSS Percentile 11.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (5)
mozilla/firefox < 149.0.2
Mozilla/Firefox 149.0.2
Mozilla/Firefox unspecified - 149.0.2
Mozilla/Thunderbird 149.0.2
Mozilla/Thunderbird unspecified - 149.0.2
Published Apr 07, 2026
Tracked Since Apr 07, 2026