{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7322", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2026-04-28T13:42:17.804Z", "datePublished": "2026-04-28T13:49:09.314Z", "dateUpdated": "2026-04-28T18:36:53.189Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "115.35.1", "lessThanOrEqual": "115.*", "versionType": "rpm"}, {"status": "unaffected", "version": "140.10.1", "lessThanOrEqual": "140.*", "versionType": "rpm"}, {"status": "unaffected", "version": "150.0.1", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1."}]}], "title": "Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1", "references": [{"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2021904%2C2022731%2C2027158%2C2027733%2C2027973%2C2027976%2C2028231%2C2028731%2C2028886%2C2029067%2C2029700%2C2029724%2C2029806%2C2029814%2C2030108%2C2030111%2C2031524%2C2031921%2C2032040", "name": "Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2026-35/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2026-36/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2026-37/"}], "credits": [{"lang": "en", "value": "C.M.Chang, Christian Holler, Steve Fink and the Mozilla Fuzzing Team"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-28T18:36:53.189Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-416", "lang": "en", "description": "CWE-416 Use After Free"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-28T17:47:21.090448Z", "id": "CVE-2026-7322", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T17:47:28.151Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1."}], "id": "CVE-2026-7322", "lastModified": "2026-04-28T22:16:52.210", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-28T15:16:37.727", "references": [{"source": "security@mozilla.org", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2021904%2C2022731%2C2027158%2C2027733%2C2027973%2C2027976%2C2028231%2C2028731%2C2028886%2C2029067%2C2029700%2C2029724%2C2029806%2C2029814%2C2030108%2C2030111%2C2031524%2C2031921%2C2032040"}, {"source": "security@mozilla.org", "url": "https://www.mozilla.org/security/advisories/mfsa2026-35/"}, {"source": "security@mozilla.org", "url": "https://www.mozilla.org/security/advisories/mfsa2026-36/"}, {"source": "security@mozilla.org", "url": "https://www.mozilla.org/security/advisories/mfsa2026-37/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[115.35.1,116.0.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[140.10.1,141.0.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[150.0.1,*]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Firefox", "source": "cna", "vendor": "Mozilla"}, "product": "firefox", "vendor": "mozilla"}], "analysis": {"en": {"generated_at": "2026-04-29T02:15:58.633747+00:00", "value": {"mitigation_remediation": ["Update Firefox to the latest release\u2014Firefox 150.0.1 or the ESR updates 115.35.1 and 140.10.1\u2014to patch the memory safety bugs.", "Remove or disable legacy add\u2011ons and extensions that are not essential, as they can introduce additional memory safety issues.", "Continuously monitor Mozilla\u2019s security advisories and apply subsequent patches promptly to guard against related memory safety vulnerabilities."], "summary": {"action": "Patch Immediately", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Affected products are Mozilla Firefox. The vulnerable releases are Firefox ESR 115.35.0, Firefox ESR 140.10.0, and Firefox 150.0.0. All of these have been fixed in the subsequent releases: Firefox ESR 115.35.1, Firefox ESR 140.10.1, and Firefox 150.0.1.", "description_and_impact": "The vulnerability comprises memory safety bugs that cause memory corruption in Mozilla Firefox versions ESR 115.35.0, ESR 140.10.0, and Firefox 150.0.0. Some of the bugs exhibited signs of corrupting memory, and the developers believe that, with enough effort, an attacker could exploit the defects to execute arbitrary code within the context of the browser. These weaknesses align with buffer overflow or out\u2011of\u2011bounds write flaws as identified by CWEs 119 and 416.", "risk_and_exploitability": "While the CVSS score of 7.3 indicates a high severity, the EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, suggesting no confirmed exploits yet. The likely attack vector is through malicious web content or other inputs that trigger the memory corruption, but precise details are not disclosed. If successfully exploited, an attacker could gain arbitrary code execution, potentially compromising the confidentiality, integrity, or availability of the affected system."}}}}, "created": "2026-04-28T16:30:34.924244+00:00", "updated": "2026-04-29T02:30:07.562869+00:00", "vendors": ["mozilla", "mozilla$PRODUCT$firefox"]}