CVE-2026-7320
Information disclosure due to incorrect boundary conditions in the Audio/Video component
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
9th
Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.
| Vendor | mozilla |
| Product | firefox |
| Ecosystems | |
| Industries | Technology |
| Published | Apr 28, 2026 |
| Last Updated | Apr 30, 2026 |
Stay Ahead of the Next One
Get instant alerts for mozilla firefox
Be the first to know when new high vulnerabilities affecting mozilla firefox are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Mozilla / Firefox
All versions affected Mozilla / Thunderbird
All versions affected References
bugzilla.mozilla.org: https://bugzilla.mozilla.org/show_bug.cgi?id=2027433 mozilla.org: https://www.mozilla.org/security/advisories/mfsa2026-35/ mozilla.org: https://www.mozilla.org/security/advisories/mfsa2026-36/ mozilla.org: https://www.mozilla.org/security/advisories/mfsa2026-37/ mozilla.org: https://www.mozilla.org/security/advisories/mfsa2026-38/ mozilla.org: https://www.mozilla.org/security/advisories/mfsa2026-39/
Credits
Xuehao Guo