Boundary Condition Flaw in NSS Libraries Affects Mozilla Products
CVE-2026-6766

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-6766?

A flaw exists in the Libraries component of NSS that relates to incorrect boundary conditions. This vulnerability potentially allows for unexpected behaviors in applications utilizing the affected libraries. Mozilla has addressed this issue in versions Firefox 150 and Firefox ESR 140.10, enhancing the security posture of these products.

Affected Version(s)

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2023207

https://www.mozilla.org/security/advisories/mfsa2026-30/

https://www.mozilla.org/security/advisories/mfsa2026-32/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

Haruto Kimura

CVE-2026-6766 Data

JSON