Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort so…
Published:
12 January 2026 at 23:00:00
Alert date:
13 January 2026 at 16:02:17
Source:
nvd.nist.gov
Web Technologies
Memory safety vulnerabilities discovered in Firefox 146 and Thunderbird 146 that could potentially allow arbitrary code execution. The bugs showed evidence of memory corruption and Mozilla presumes they could be exploited with sufficient effort. The vulnerability affects Firefox versions prior to 147. Mozilla has released security advisories and bug reports documenting these issues. Users should update to Firefox 147 or later to mitigate the risk.
Technical details
Mitigation steps:
Affected products:
Firefox
Thunderbird
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-0892
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1986912%2C1996718%2C1999633%2C2001081%2C2004443
https://www.mozilla.org/security/advisories/mfsa2026-01/
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.