Firefox Sandbox Escape in WebRender before 148 / ESR 115.33 / 140.8
CVE-2026-2760 Published on February 24, 2026

Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.

NVD

Products Associated with CVE-2026-2760

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-2760 are published in these products:

Mozilla Firefox

Mozilla FireFox Extended Support Release (ESR)

Affected Versions

Mozilla Firefox:

Version unspecified and below 148 is affected.

Mozilla Firefox ESR:

Version unspecified and below 115.33 is affected.

Mozilla Firefox ESR:

Version unspecified and below 140.8 is affected.

Mozilla Thunderbird:

Version unspecified and below 148 is affected.

Mozilla Thunderbird:

Version unspecified and below 140.8 is affected.

Firefox Sandbox Escape in WebRender before 148 / ESR 115.33 / 140.8CVE-2026-2760 Published on February 24, 2026

Products Associated with CVE-2026-2760

Affected Versions

Firefox Sandbox Escape in WebRender before 148 / ESR 115.33 / 140.8
CVE-2026-2760 Published on February 24, 2026