CVE-2026-2773
Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8
CVSS
9.8
Crítico
EPSS
0.6%
p45
KEV
—
Exploit Today
13
0-100
Publicado: 24 feb 2026 · Última mod.: 15 jul 2026 · CWE-119
0.6%EPSS · 30 días0.6%
2026-06-302026-07-17
Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- bugzilla.mozilla.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=2014832
- www.mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2026-13/
- www.mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2026-14/
- www.mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2026-15/
- www.mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2026-16/
- www.mozilla.orghttps://www.mozilla.org/security/advisories/mfsa2026-17/
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3338
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3339
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3361
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3491
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3492
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3493
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3494
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3495
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3496
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3497
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3515
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3516
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3517
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3976
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2025-312778.8 ALT71.0%
KEV—71Apple Multiple Products Buffer Overflow Vulnerability3dCVE-2005-445910.0 SIN96.2%
——29Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.10dCVE-2011-40454.3 SIN88.5%
——27Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.8dCVE-2025-434338.8 ALT62.4%
——19The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption.3dCVE-2025-432146.5 MED57.6%
——17The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.3dCVE-2025-434414.3 MED55.9%
——17The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.3d