Security Vulnerabilities - CVEs Published In April 2026
Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-04-21
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-04-21
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-21
Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-21
Other issue in the Networking: DNS component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-21
Invalid pointer in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-21
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-21
Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-04-21
Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-04-21
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-04-21