Memory Safety Vulnerabilities in Mozilla Products
CVE-2026-7322

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 28 April 2026

What is CVE-2026-7322?

Mozilla identified memory safety issues in specific versions of Firefox and Thunderbird, which could potentially allow attackers to exploit memory corruption. The affected versions include Firefox ESR 115.35.0, Firefox ESR 140.10.0, Thunderbird ESR 140.10.0, and Firefox and Thunderbird version 150.0.0. These vulnerabilities were addressed in subsequent updates, ensuring that affected users download the latest versions - Firefox 150.0.1, Firefox ESR 140.10.1, and Thunderbird ESR 140.10.1 - to enhance their security against possible exploitation.

Affected Version(s)

Firefox 115.35.1

Firefox 140.10.1

Firefox 150.0.1

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=2021904%2...

https://www.mozilla.org/security/advisories/mfsa2026-35/

https://www.mozilla.org/security/advisories/mfsa2026-36/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2026
Vulnerability Reserved
Apr 28, 2026

Credit

C.M.Chang, Christian Holler, Steve Fink and the Mozilla Fuzzing Team

CVE-2026-7322 Data

JSON