Mozilla Product Security Update Advisory

Feb 25 2026

Overview

Mozilla has released security updates to fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2026-2769

Firefox versions: 148 and below

Firefox ESR versions: 115.33 or earlier

Firefox ESR versions: 140.8 or lower

Thunderbird versions: less than 148

Thunderbird versions: 140.8 or lower

CVE-2026-2798

Firefox versions: below 148

Thunderbird versions: below 148

Resolved Vulnerabilities

Use-after-free vulnerability in the Storage: IndexedDB component (CVE-2026-2769)

Use-after-free vulnerability in the DOM: Core & HTML component (CVE-2026-2798)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2026-2769

Firefox version: 148

Firefox ESR version: 115.33

Firefox ESR version: 140.8

Thunderbird version: 148

Thunderbird version: 140.8

CVE-2026-2798

Firefox version: 148

Thunderbird version: 148

References

[1] Mozilla Foundation Security Advisory 2026-13

https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/

[2] Mozilla Foundation Security Advisory 2026-14

https://www.mozilla.org/en-US/security/advisories/mfsa2026-14/

[3] Mozilla Foundation Security Advisory 2026-15

https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/

[4] Mozilla Foundation Security Advisory 2026-16

https://www.mozilla.org/en-US/security/advisories/mfsa2026-16/

[5] Mozilla Foundation Security Advisory 2026-17

https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/

Mozilla Product Security Update Advisory

Google Chrome Browser (145.0.7632.116/117) Security Update Advisory

Cisco Product Security Update Advisory (CVE-2026-20127)

Tags:

Google Chrome Browser (145.0.7632.116/117) Security Update Advisory

Cisco Product Security Update Advisory (CVE-2026-20127)