9.8
CVE-2026-8091
- EPSS 0.44%
- Veröffentlicht 07.05.2026 12:45:05
- Zuletzt bearbeitet 30.06.2026 03:21:41
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Incorrect boundary conditions in the Audio/Video: Playback component
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.44% | 0.351 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
CWE-805 Buffer Access with Incorrect Length Value
The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
https://www.mozilla.org/security/advisories/mfsa2026-30/
https://www.mozilla.org/security/advisories/mfsa2026-33/
https://www.mozilla.org/security/advisories/mfsa2026-36/
https://www.mozilla.org/security/advisories/mfsa2026-39/
https://www.mozilla.org/security/advisories/mfsa2026-42/
https://bugzilla.mozilla.org/show_bug.cgi?id=2029301
https://access.redhat.com/security/cve/CVE-2026-8091
https://bugzilla.redhat.com/show_bug.cgi?id=2467699
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-8091.json