Use-After-Free Vulnerability in WebRTC of Mozilla Firefox
CVE-2026-6747

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-6747?

A use-after-free vulnerability exists in the WebRTC component of Mozilla Firefox, which can potentially allow an attacker to execute arbitrary code or affect the stability of the application. This issue has been addressed in the updated versions of Firefox. Users are encouraged to upgrade to Firefox 150 or Firefox ESR 140.10 to protect against these security risks.

Affected Version(s)

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2021769

https://www.mozilla.org/security/advisories/mfsa2026-30/

https://www.mozilla.org/security/advisories/mfsa2026-32/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

Nan Wang

CVE-2026-6747 Data

JSON