Firefox <150 WebRTC Networking boundary condition flaw (CVE-2026-6776)
CVE-2026-6776 Published on April 21, 2026
Incorrect boundary conditions in the WebRTC: Networking component
Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
Vulnerability Analysis
CVE-2026-6776 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2026-6776 has been classified to as a Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2026-6776
stack.watch emails you whenever new vulnerabilities are published in Mozilla Firefox or Mozilla Thunderbird. Just hit a watch button to start following.
Affected Versions
Mozilla Firefox:- Version 140.10, <= 140.* is unaffected.
- Version 150, <= * is unaffected.
- Version 140.10, <= 140.* is unaffected.
- Version 150, <= * is unaffected.