9.8

CVE-2026-8094

Other issue in the WebRTC component

Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox SwEditionesr Version < 140.10.2
MozillaThunderbird Version < 140.10.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.45% 0.356
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7.5 1.6 5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://www.mozilla.org/security/advisories/mfsa2026-41/
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=2035939
Permissions Required
https://www.mozilla.org/security/advisories/mfsa2026-44/
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:19160
https://access.redhat.com/errata/RHSA-2026:20566
https://access.redhat.com/errata/RHSA-2026:20574
https://access.redhat.com/errata/RHSA-2026:24508
https://access.redhat.com/errata/RHSA-2026:24509
https://access.redhat.com/errata/RHSA-2026:24510
https://access.redhat.com/errata/RHSA-2026:24511
https://access.redhat.com/errata/RHSA-2026:24516
https://access.redhat.com/errata/RHSA-2026:24755
https://access.redhat.com/errata/RHSA-2026:24983
https://access.redhat.com/errata/RHSA-2026:25015
https://access.redhat.com/security/cve/CVE-2026-8094
https://bugzilla.redhat.com/show_bug.cgi?id=2467706
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-8094.json