PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-4687 Mozilla CVE debrief

CVE-2026-4687 is a high-severity vulnerability in Mozilla Firefox: incorrect boundary conditions in the Telemetry component allow a sandbox escape. It was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149 and Thunderbird 140.9. The CVSS 3.1 base score is 8.6 (HIGH). The CVE was published on March 24, 2026 and last modified on June 30, 2026.

Vendor
Mozilla
Product
Firefox
CVSS
HIGH 8.6
CISA KEV
Not listed in stored evidence
Original CVE published
2026-03-24
Original CVE updated
2026-06-30
Advisory published
2026-03-24
Advisory updated
2026-06-30

Who should care

Anyone running Firefox, Firefox ESR or Thunderbird, including the Red Hat packages covered by the errata referenced below, should treat this as a patch-now item: the vector is network-reachable with no privileges or user interaction required, and the flaw crosses a sandbox boundary. The stored evidence does not list the CVE in CISA KEV, so there is no confirmed in-the-wild exploitation on record, but the exposure profile alone justifies prioritising it.

Technical summary

CVE-2026-4687 is a sandbox escape in the Telemetry component of Mozilla Firefox, caused by incorrect boundary conditions. It affects Firefox, Firefox ESR and Thunderbird. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H: network attack vector, low complexity, no privileges, no user interaction, and a changed scope, which is how a sandbox escape is expressed in CVSS. Note that the impact metrics record no confidentiality or integrity loss, only a high availability impact; the 8.6 is driven by the exploitability metrics and the scope change, so the record as scored describes a denial-of-service outcome across the sandbox boundary rather than arbitrary code execution. The primary weakness is CWE-754 (Improper Check for Unusual or Exceptional Conditions).

Defensive priority

Patch with high priority. The score is HIGH and the metrics require no privileges or user interaction over the network, but the stored evidence shows no CISA KEV listing, so the urgency comes from the exposure profile rather than from confirmed attacks. Firefox, Firefox ESR and Thunderbird should be moved to fixed builds in the same change window, and hosts pinned to an ESR branch need the branch fix (115.34 or 140.9), not a jump to 149.

Recommended defensive actions

  • Patch Firefox to 149 or later.
  • Patch Firefox ESR to 115.34 or later on the 115 branch, or 140.9 or later on the 140 branch.
  • Patch Thunderbird to 149 or later, or 140.9 or later on the 140 branch.
  • Apply the Red Hat errata referenced for this CVE (RHSA-2026:5930, RHSA-2026:5931, etc.) on RHEL hosts, and confirm the fixed package is installed rather than relying on the upstream version string alone.
  • Inventory installed versions, including ESR branches, so unpatched builds can be located. The stored evidence records no indicators of compromise and no KEV listing, so monitoring is limited to confirming rollout and watching for unexplained Firefox or Thunderbird crashes, which is the outcome the vector scores (availability impact only).
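The version rules above have a branch-aware twist (a 115.x or 140.x ESR build is judged against its branch fix, everything else against 149), which is easy to get wrong in a one-line comparison. The following added example, not PatchSiren's or Mozilla's code, encodes the fixed versions the debrief lists and triages an inventory. The inventory lines are constructed sample data, and the tab-separated host/product/version format is an assumption made for this example.

```python
"""Version triage for CVE-2026-4687 across a Firefox/Thunderbird inventory.

Added example; the fixed versions come from the debrief, the inventory format
and sample hosts are assumptions for illustration.
"""
import re

# Fixed versions from the advisory. ESR fixes land on their own branch, so a
# 115.x or 140.x build is judged against its branch fix and every other
# build against the rapid-release fix (149). Tuples compare numerically.
FIXED_VERSIONS = {
    "firefox": {"branches": {115: (115, 34), 140: (140, 9)}, "mainline": (149,)},
    "thunderbird": {"branches": {140: (140, 9)}, "mainline": (149,)},
}

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)")


def parse_version(text: str) -> tuple:
    """'140.9.0esr' -> (140, 9, 0). Channel suffixes ('esr', 'b3') are
    dropped; a string with no leading numeric component is rejected."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def fixed_version_for(product: str, version: tuple) -> tuple:
    """Pick the branch fix when the major version has one, else mainline."""
    fixes = FIXED_VERSIONS[product]
    return fixes["branches"].get(version[0], fixes["mainline"])


def is_fixed(product: str, version_text: str) -> bool:
    """True when the installed build is at or past the fix for its branch."""
    version = parse_version(version_text)
    return version >= fixed_version_for(product.lower(), version)


def assess_inventory(text: str) -> list:
    """Classify each 'host<TAB>product<TAB>version' line as fixed, affected
    or not_applicable (a product this advisory does not cover)."""
    rows = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        host, product, version = line.split("\t")
        product = product.lower()
        if product not in FIXED_VERSIONS:
            status = "not_applicable"
        elif is_fixed(product, version):
            status = "fixed"
        else:
            status = "affected"
        rows.append({"host": host, "product": product,
                     "version": version, "status": status})
    return rows


def affected_hosts(text: str) -> list:
    """Hosts still needing the patch: the list an administrator acts on."""
    return [r["host"] for r in assess_inventory(text) if r["status"] == "affected"]


# Constructed sample inventory for this example; not real hosts.
SAMPLE_INVENTORY = """\
ws-01\tfirefox\t148.0.1
ws-02\tfirefox\t149.0
srv-03\tfirefox\t115.33.0esr
srv-04\tfirefox\t115.34.0esr
srv-05\tfirefox\t140.8.0esr
srv-06\tfirefox\t140.9.0esr
mail-07\tthunderbird\t140.9.0esr
mail-08\tthunderbird\t139.0.1
ws-09\tchromium\t131.0.6778.85
"""

if __name__ == "__main__":
    for row in assess_inventory(SAMPLE_INVENTORY):
        print(f"{row['host']:8} {row['product']:12} {row['version']:16} {row['status']}")
    print("needs patch:", ", ".join(affected_hosts(SAMPLE_INVENTORY)))
```

On distribution-packaged builds (the Red Hat errata case) compare the package NEVR against the erratum rather than trusting the upstream version string alone, since a vendor may backport the fix without bumping the upstream number.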

Evidence notes

The CVE record and NVD detail are the official sources for this entry. Multiple vendor advisories and errata references point to a coordinated disclosure and patch release. The primary weakness is CWE-754 (Improper Check for Unusual or Exceptional Conditions); CWE-120 (Buffer Copy without Checking Size of Input, the classic buffer overflow) and CWE-501 (Trust Boundary Violation) are recorded as secondary weaknesses, which together match the description of a boundary-condition error that crosses the sandbox boundary.

Official resources

This article is AI-assisted and based on the supplied source corpus.