Boundary Condition Flaw in NSS Libraries of Firefox Products
CVE-2026-6772

Currently unrated

Key Information:

Vendor

Mozilla
Status
Firefox
Vendor
CVE Published:
21 April 2026

What is CVE-2026-6772?

A vulnerability exists in the Libraries component of NSS affecting specific versions of Firefox and its Extended Support Release (ESR). This flaw relates to incorrect boundary conditions that could lead to unexpected behavior. This vulnerability has been addressed in subsequent updates, ensuring greater security and stability for users. To mitigate potential risks, users are encouraged to update to the latest versions of Firefox and Firefox ESR.

Affected Version(s)

Firefox 115.35

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2026089
https://www.mozilla.org/security/advisories/mfsa2026-30/
https://www.mozilla.org/security/advisories/mfsa2026-31/

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

sseehra
.