CVE-2026-8953 is a vulnerability in Mozilla Firefox
Published on May 19, 2026

Sandbox escape due to use-after-free in the Disability Access APIs component
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.

NVD

Products Associated with CVE-2026-8953

Want to know whenever a new CVE is published for Mozilla Firefox? stack.watch will email you.

Mozilla Firefox

Affected Versions

Mozilla Firefox:

Version 115.36, <= 115.* is unaffected.
Version 140.11, <= 140.* is unaffected.
Version 151, <= * is unaffected.

CVE-2026-8953 is a vulnerability in Mozilla FirefoxPublished on May 19, 2026

Products Associated with CVE-2026-8953

Affected Versions

CVE-2026-8953 is a vulnerability in Mozilla Firefox
Published on May 19, 2026