CVE-2026-0886
Description
Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.018
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in Mozilla Firefox (Microsoft Store) 140.7 | Windows |
| Vulnerabilities CVE-2026-0877,CVE-2026-0879,CVE-2026-0880,CVE-2026-0882,CVE-2026-0886 are fixed in Mozilla Firefox (Microsoft Store) 115.32 | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox (Microsoft Store) 147 | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox ESR (140) (140.7.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox ESR (140) (x64) (140.7.0) | Windows |
| Vulnerabilities CVE-2026-0877,CVE-2026-0879,CVE-2026-0880,CVE-2026-0882,CVE-2026-0886 are fixed in Mozilla Firefox ESR (115) (115.32.0) | Windows |
| Vulnerabilities CVE-2026-0877,CVE-2026-0879,CVE-2026-0880,CVE-2026-0882,CVE-2026-0886 are fixed in Mozilla Firefox ESR (115) (x64) (115.32.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox (147.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox (x64) (147.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Thunderbird ESR 140 (140.7.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Thunderbird ESR 140 (x64) (140.7.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Thunderbird (147.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Thunderbird (x64) (147.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (147.0) | Mac |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (147.0.1) | Mac |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (147.0.2) | Mac |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (147.0.3) | Mac |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (147.0.4) | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-354977 | Mozilla Firefox ESR (140) (140.7.0) |
| PATCH-354978 | Mozilla Firefox ESR (140) (x64) (140.7.0) |
| PATCH-354975 | Mozilla Firefox ESR (115) (115.32.0) |
| PATCH-354976 | Mozilla Firefox ESR (115) (x64) (115.32.0) |
| PATCH-354973 | Mozilla Firefox (147.0) |
| PATCH-354974 | Mozilla Firefox (x64) (147.0) |
| PATCH-354981 | Mozilla Thunderbird ESR 140 (140.7.0) |
| PATCH-354982 | Mozilla Thunderbird ESR 140 (x64) (140.7.0) |
| PATCH-354979 | Mozilla Thunderbird (147.0) |
| PATCH-354980 | Mozilla Thunderbird (x64) (147.0) |
| PATCH-613630 | Mozilla Firefox For Mac (147.0.4) |
| PATCH-613630 | Mozilla Firefox For Mac (147.0.4) |
| PATCH-613630 | Mozilla Firefox For Mac (147.0.4) |
| PATCH-613630 | Mozilla Firefox For Mac (147.0.4) |
| PATCH-613630 | Mozilla Firefox For Mac (147.0.4) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234