Uninitialized Memory Vulnerability in Firefox by Mozilla
CVE-2026-6751

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-6751?

An uninitialized memory vulnerability in the Audio/Video: Web Codecs component of Mozilla Firefox could potentially allow an attacker to exploit memory-related issues, leading to unauthorized access or crashes. This issue was addressed in Firefox version 150 and Firefox ESR version 140.10, emphasizing the importance of keeping software up-to-date to mitigate risks associated with unclean memory states.

Affected Version(s)

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2025883

https://www.mozilla.org/security/advisories/mfsa2026-30/

https://www.mozilla.org/security/advisories/mfsa2026-32/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

Joren Afman

CVE-2026-6751 Data

JSON