Undefined Behavior in Firefox Core and HTML Components
CVE-2026-2771

Currently unrated

Key Information:

Vendor

Mozilla
Status
Firefox
Firefox Esr
Thunderbird
Vendor
CVE Published:
24 February 2026

What is CVE-2026-2771?

This vulnerability arises from undefined behavior in the Document Object Model (DOM) within the Core and HTML components of Firefox. The issue impacts various versions, allowing potential security risks in web browser functionality. Affected versions include Firefox prior to 148 along with specific Extended Support Release (ESR) versions, creating an urgent need for users to update to secure versions to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Firefox < 148

Firefox ESR < 115.33

Firefox ESR < 140.8

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2014593
https://www.mozilla.org/security/advisories/mfsa2026-13/
https://www.mozilla.org/security/advisories/mfsa2026-14/

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Information to follow
JSON
.