CVE-2026-7320

Summary

Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox115.35.1 <= 115.*unaffected
MozillaFirefox140.10.1 <= 140.*unaffected
MozillaFirefox150.0.1 <= *unaffected
MozillaThunderbird140.10.1 <= 140.*unaffected
MozillaThunderbird150.0.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component

Additional References

References