8.8
CVE-2026-2447
- EPSS 0.6%
- Veröffentlicht 16.02.2026 14:13:23
- Zuletzt bearbeitet 30.06.2026 03:18:13
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Heap buffer overflow in libvpx
Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version < 140.7.2
Mozilla ≫ Thunderbird Version >= 141.0 < 147.0.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.6% | 0.442 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
https://bugzilla.mozilla.org/show_bug.cgi?id=2014390
https://www.mozilla.org/security/advisories/mfsa2026-10/
https://www.mozilla.org/security/advisories/mfsa2026-11/
https://lists.debian.org/debian-lts-announce/2026/02/msg00028.html
https://access.redhat.com/errata/RHSA-2026:8747
https://access.redhat.com/errata/RHSA-2026:8746
https://access.redhat.com/errata/RHSA-2026:8748
https://access.redhat.com/errata/RHSA-2026:16174
https://access.redhat.com/errata/RHSA-2026:3338
https://access.redhat.com/errata/RHSA-2026:3339
https://access.redhat.com/errata/RHSA-2026:3361
https://access.redhat.com/errata/RHSA-2026:3491
https://access.redhat.com/errata/RHSA-2026:3492
https://access.redhat.com/errata/RHSA-2026:3493
https://access.redhat.com/errata/RHSA-2026:3494
https://access.redhat.com/errata/RHSA-2026:3495
https://access.redhat.com/errata/RHSA-2026:3496
https://access.redhat.com/errata/RHSA-2026:3497
https://access.redhat.com/errata/RHSA-2026:3515
https://access.redhat.com/errata/RHSA-2026:3516
https://access.redhat.com/errata/RHSA-2026:3517
https://access.redhat.com/errata/RHSA-2026:3967
https://access.redhat.com/errata/RHSA-2026:3976
https://access.redhat.com/errata/RHSA-2026:3978
https://access.redhat.com/errata/RHSA-2026:3979
https://access.redhat.com/errata/RHSA-2026:3980
https://access.redhat.com/errata/RHSA-2026:3981
https://access.redhat.com/errata/RHSA-2026:3982
https://access.redhat.com/errata/RHSA-2026:3983
https://access.redhat.com/errata/RHSA-2026:3984
https://access.redhat.com/errata/RHSA-2026:4022
https://access.redhat.com/errata/RHSA-2026:4152
https://access.redhat.com/errata/RHSA-2026:4260
https://access.redhat.com/errata/RHSA-2026:4432
https://access.redhat.com/errata/RHSA-2026:4447
https://access.redhat.com/errata/RHSA-2026:4629
https://access.redhat.com/errata/RHSA-2026:5227
https://access.redhat.com/errata/RHSA-2026:5228
https://access.redhat.com/errata/RHSA-2026:5229
https://access.redhat.com/errata/RHSA-2026:5230
https://access.redhat.com/errata/RHSA-2026:5231
https://access.redhat.com/errata/RHSA-2026:5319
https://access.redhat.com/errata/RHSA-2026:5320
https://access.redhat.com/errata/RHSA-2026:5323
https://access.redhat.com/errata/RHSA-2026:5324
https://access.redhat.com/errata/RHSA-2026:5326
https://access.redhat.com/security/cve/CVE-2026-2447
https://bugzilla.redhat.com/show_bug.cgi?id=2440219
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2447.json