Description
Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2.
References (7)
Core 7
Core References
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-8093
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2467701
Memory safety bugs fixed in Firefox 150.0.2
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1981270%2C2027154%2C2028332%2C2029327%2C2029428%2C2029894%2C2032189%2C2034837%2C2035968%2C2036256
Memory safety bugs fixed in Firefox 150.0.2
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1981270%2C2027154%2C2028332%2C2029327%2C2029894%2C2032189%2C2034837%2C2035968%2C2036256
Scores
CVSS v3
8.1
EPSS
0.0032
EPSS Percentile
24.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-119
CWE-120
Status
published
Products (4)
mozilla/firefox
< 150.0.2
Mozilla/Firefox
150.0.2
mozilla/thunderbird
< 150.0.2
Mozilla/Thunderbird
150.0.2
Published
May 07, 2026
Tracked Since
May 07, 2026