8.8

CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox SwEditionesr Version < 140.9.1
MozillaFirefox SwEdition- Version < 149.0.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.269
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://www.mozilla.org/security/advisories/mfsa2026-25/
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2026-27/
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
Issue Tracking
Permissions Required
https://www.mozilla.org/security/advisories/mfsa2026-28/
https://www.mozilla.org/security/advisories/mfsa2026-29/
https://access.redhat.com/errata/RHSA-2026:11805
https://access.redhat.com/errata/RHSA-2026:11813
https://access.redhat.com/errata/RHSA-2026:12264
https://access.redhat.com/errata/RHSA-2026:13342
https://access.redhat.com/errata/RHSA-2026:13412
https://access.redhat.com/errata/RHSA-2026:13533
https://access.redhat.com/errata/RHSA-2026:13582
https://access.redhat.com/errata/RHSA-2026:13583
https://access.redhat.com/errata/RHSA-2026:13596
https://access.redhat.com/errata/RHSA-2026:13600
https://access.redhat.com/errata/RHSA-2026:13665
https://access.redhat.com/errata/RHSA-2026:13682
https://access.redhat.com/errata/RHSA-2026:13683
https://access.redhat.com/errata/RHSA-2026:13922
https://access.redhat.com/errata/RHSA-2026:13977
https://access.redhat.com/errata/RHSA-2026:14223
https://access.redhat.com/errata/RHSA-2026:14303
https://access.redhat.com/errata/RHSA-2026:15889
https://access.redhat.com/errata/RHSA-2026:7671
https://access.redhat.com/errata/RHSA-2026:7672
https://access.redhat.com/errata/RHSA-2026:8052
https://access.redhat.com/errata/RHSA-2026:8459
https://access.redhat.com/errata/RHSA-2026:9345
https://access.redhat.com/errata/RHSA-2026:9638
https://access.redhat.com/security/cve/CVE-2026-5732
https://bugzilla.redhat.com/show_bug.cgi?id=2455908
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5732.json