top of page
perceptive_background_267k.jpg

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

Published:

23 March 2026 at 23:00:00

Alert date:

24 March 2026 at 20:06:33

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A use-after-free vulnerability in Firefox's Disability Access APIs component allows sandbox escape. This critical security flaw affects Firefox versions below 149 and Firefox ESR versions below 140.9. The vulnerability is tracked as CVE-2026-4688 and has been assigned a high criticality rating. Mozilla has released security advisories and patches to address this issue. The bug was reported through Mozilla's Bugzilla system and affects multiple Firefox distributions.

Technical details

Mitigation steps:

Affected products:

Firefox
Firefox ESR

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-4688
https://bugzilla.mozilla.org/show_bug.cgi?id=2016373
https://www.mozilla.org/security/advisories/mfsa2026-20/
https://www.mozilla.org/security/advisories/mfsa2026-22/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page