Use-After-Free in Firefox <148 & ESR <140.8 WebAssembly (Wasm)
CVE-2026-2767 Published on February 24, 2026

Use-after-free in the JavaScript: WebAssembly component
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Firefox ESR < 140.8.

NVD

Products Associated with CVE-2026-2767

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-2767 are published in these products:

Mozilla Firefox

Mozilla FireFox Extended Support Release (ESR)

Affected Versions

Mozilla Firefox:

Version unspecified and below 148 is affected.

Mozilla Firefox ESR:

Version unspecified and below 140.8 is affected.

Mozilla Thunderbird:

Version unspecified and below 148 is affected.

Mozilla Thunderbird:

Version unspecified and below 140.8 is affected.

Use-After-Free in Firefox <148 & ESR <140.8 WebAssembly (Wasm)CVE-2026-2767 Published on February 24, 2026

Products Associated with CVE-2026-2767

Affected Versions

Use-After-Free in Firefox <148 & ESR <140.8 WebAssembly (Wasm)
CVE-2026-2767 Published on February 24, 2026