Networking Vulnerability in Mozilla Firefox and Firefox ESR Products
CVE-2026-6776

7.8HIGH

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-6776?

This vulnerability arises from incorrect boundary conditions in the WebRTC component of Mozilla Firefox, which can lead to unintended consequences during network operations. It has been addressed in the latest releases of Firefox and Firefox ESR, ensuring users are protected from potential exploits that could leverage this defect.

Affected Version(s)

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2021770

https://www.mozilla.org/security/advisories/mfsa2026-30/

https://www.mozilla.org/security/advisories/mfsa2026-32/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

Nan Wang

CVE-2026-6776 Data

JSON