VDB
GHSA-gw7x-g9xx-wmm2
GHSA-gw7x-g9xx-wmm2
PUBLISHED
CVSS 8.600000381469727 HIGH
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9.
Risk Scores
CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Timeline
- Mar 24, 2026 CVE Published
- Mar 24, 2026 CVE Updated
- Apr 10, 2026 Security Advisory
References
- https://nvd.nist.gov/vuln/detail/CVE-2026-4687 advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=2016368 url
- https://www.mozilla.org/security/advisories/mfsa2026-20 url
- https://www.mozilla.org/security/advisories/mfsa2026-21 url
- https://www.mozilla.org/security/advisories/mfsa2026-22 url
- https://www.mozilla.org/security/advisories/mfsa2026-23 url
- https://www.mozilla.org/security/advisories/mfsa2026-24 url