PatchSiren cyber security CVE debrief
CVE-2026-4687 Mozilla CVE debrief
CVE-2026-4687 is a high-severity vulnerability in Mozilla Firefox: incorrect boundary conditions in the Telemetry component allow a sandbox escape. It was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. The vulnerability carries a CVSS 3.1 base score of 8.6 (HIGH). The CVE was published on March 24, 2026, and last modified on June 30, 2026.
- Vendor: Mozilla
- Product: Firefox
- CVSS: HIGH 8.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-24
- Original CVE updated: 2026-06-30
- Advisory published: 2026-03-24
- Advisory updated: 2026-06-30
Who should care
Anyone running Mozilla Firefox, Firefox ESR, or Thunderbird should prioritize this update, since an escape from the content sandbox removes the main barrier between renderer-level bugs and the rest of the system. The vulnerability is reachable over the network with no privileges or user interaction required, which is why it scores 8.6. Red Hat ships Firefox and Thunderbird packages, and the multiple Red Hat errata references in the evidence indicate that those packages also need updating.
Technical summary
CVE-2026-4687 is a sandbox escape in the Telemetry component of Mozilla Firefox, caused by incorrect boundary conditions. It affects Firefox, Firefox ESR, and Thunderbird. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H: network-reachable, low attack complexity, no privileges and no user interaction required, with a scope change (the impact crosses the sandbox boundary) and high availability impact. Note that the stored vector records no confidentiality or integrity impact (C:N/I:N); the evidence on this page therefore supports a sandbox-crossing availability impact and does not itself establish arbitrary code execution. The primary weakness is CWE-754 (Improper Check for Unusual or Exceptional Conditions).
Defensive priority
High. The vector requires no privileges or user interaction and the impact crosses the sandbox boundary, so patch Firefox, Firefox ESR, and Thunderbird on the normal emergency-browser-update cadence. No CISA KEV listing appears in the stored evidence, so there is no confirmed in-the-wild exploitation on record here, but that should not lower the priority for a network-reachable sandbox escape.
Recommended defensive actions
- Update Firefox rapid-release installations to version 149 or later.
- Update Firefox ESR installations to version 115.34 or later on the 115 branch, or 140.9 or later on the 140 branch.
- Update Thunderbird installations to version 149 or later on the rapid-release branch, or 140.9 or later on the 140 branch.
- On Red Hat systems, apply the referenced errata (RHSA-2026:5930, RHSA-2026:5931, etc.) rather than relying on upstream binaries.
- Inventory installed Firefox and Thunderbird versions across the fleet and confirm each host is on or above the fixed version for its branch; unsupported intermediate branches (for example Firefox 116 through 148) have no fixed release and must move to 149 or an ESR branch.
- Monitor browser and mail-client crash telemetry and endpoint detection for anomalous child-process behaviour; the stored evidence contains no public indicators or exploit details for this CVE, so detection must rely on generic sandbox-escape heuristics rather than a specific signature.
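The version check described in the actions above, as an added example (not Mozilla's, Red Hat's, or the source corpus's own code). The fixed-version table is taken from the advisory text on this page; the branch logic (115.x and 140.x treated as ESR branches, everything else compared against the rapid-release fix) and the sample inventory are assumptions constructed for illustration.

```python
"""Triage installed Firefox/Thunderbird versions against the CVE-2026-4687 fixes."""
import re

# Fixed versions stated in the advisory, keyed by product and major branch.
# "*" is the rapid-release fix; any branch without its own entry is compared
# against it (assumption: branches without a listed fix must upgrade to it).
FIXED = {
    "firefox": {"115": (115, 34), "140": (140, 9), "*": (149, 0)},
    "thunderbird": {"140": (140, 9), "*": (149, 0)},
}


def parse_version(s):
    """'140.9.1esr' -> (140, 9, 1); trailing suffixes such as 'esr' are ignored."""
    m = re.match(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", s.strip())
    if not m:
        raise ValueError(f"unparseable version: {s!r}")
    return tuple(int(g) if g else 0 for g in m.groups())


def fixed_version_for(product, version):
    """Return the fixed version tuple that applies to this installation's branch."""
    table = FIXED[product.lower()]
    major = str(parse_version(version)[0])
    return table.get(major, table["*"])


def is_patched(product, version):
    """True if the installed version is at or above the fix for its branch."""
    return parse_version(version) >= fixed_version_for(product, version)


def triage(inventory):
    """inventory: iterable of (host, product, version).

    Returns rows of (host, product, version, fixed_in, patched).
    """
    rows = []
    for host, product, version in inventory:
        fixed = fixed_version_for(product, version)
        rows.append((host, product, version,
                     ".".join(map(str, fixed)), is_patched(product, version)))
    return rows


# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE = [
    ("ws-01", "Firefox", "148.0.1"),      # rapid release, below 149
    ("ws-02", "Firefox", "149.0"),        # rapid release, fixed
    ("srv-03", "Firefox", "115.33.0esr"), # ESR 115, below 115.34
    ("srv-04", "Firefox", "140.9.0esr"),  # ESR 140, fixed
    ("ws-05", "Thunderbird", "140.8.0"),  # Thunderbird 140, below 140.9
]

if __name__ == "__main__":
    for host, product, version, fixed, ok in triage(SAMPLE):
        state = "patched" if ok else "VULNERABLE"
        print(f"{host:8} {product:12} {version:12} fixed in {fixed:8} {state}")
```

Feed `triage` the (host, product, version) tuples from whatever inventory source you have (endpoint agent export, `rpm -q firefox`, registry queries); the comparison is purely on version tuples, so it works the same for Red Hat package versions once the package release suffix is stripped.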
Evidence notes
The CVE record and NVD detail provide the official description. Multiple vendor advisories and Red Hat errata are referenced, indicating a coordinated disclosure and patching effort across Mozilla and downstream distributors. The primary weakness is CWE-754 (Improper Check for Unusual or Exceptional Conditions); CWE-120 (Classic Buffer Overflow) and CWE-501 (Trust Boundary Violation) are noted as secondary weaknesses. No CISA KEV entry and no public exploit details are present in the stored evidence.
Official resources
- CVE-2026-4687 CVE record (CVE.org)
- CVE-2026-4687 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: [email protected] (NVD tag: Permissions Required)
- Mitigation or vendor reference: [email protected] (NVD tag: Vendor Advisory)
- Mitigation or vendor reference: [email protected] (NVD tag: Vendor Advisory)
- Mitigation or vendor reference: [email protected] (NVD tag: Vendor Advisory)
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article is AI-assisted and based on the supplied source corpus.