Memory Safety Vulnerabilities in Firefox from Mozilla
CVE-2026-8092

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 7 May 2026

What is CVE-2026-8092?

Recent memory safety bugs identified in Mozilla's Firefox, specifically within Firefox ESR 115.35.1, 140.10.1, and 150.0.1, raised significant concerns regarding memory corruption. These vulnerabilities could potentially allow malicious actors to execute arbitrary code through exploitation techniques. The issues were remedied in updated versions: Firefox 150.0.2, Firefox ESR 140.10.2, and Firefox ESR 115.35.2, which patch the identified weaknesses to ensure user security.

Affected Version(s)

Firefox 115.35.2

Firefox 140.10.2

Firefox 150.0.2

References

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1806249%2...

https://www.mozilla.org/security/advisories/mfsa2026-40/

https://www.mozilla.org/security/advisories/mfsa2026-41/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 7, 2026
Vulnerability Reserved
May 7, 2026

Credit

Andrew McCreight, Christian Holler, Lee Salzman, Maurice Dauer, Tom Schuster, Wayne Mery and the Mozilla Fuzzing Team

CVE-2026-8092 Data

JSON