VDB
GHSA-xr3f-844g-572f
GHSA-xr3f-844g-572f
PUBLISHED
CVSS 7.5 HIGH
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploit Intelligence
- mfsa2026-23.yml (github-poc)
- 2026.xml (github-poc)
Timeline
- Mar 24, 2026 CVE Published
- Mar 24, 2026 CVE Updated
- Apr 10, 2026 Security Advisory
References
- https://nvd.nist.gov/vuln/detail/CVE-2026-4707 advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=2015267 url
- https://www.mozilla.org/security/advisories/mfsa2026-20 url
- https://www.mozilla.org/security/advisories/mfsa2026-21 url
- https://www.mozilla.org/security/advisories/mfsa2026-22 url
- https://www.mozilla.org/security/advisories/mfsa2026-23 url
- https://www.mozilla.org/security/advisories/mfsa2026-24 url