CVE-2026-4700
EUVD-2026-1481724.03.2026, 13:16
Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 𝑥 < 140.9.0 |
| mozilla | firefox | 𝑥 < 149.0 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||||
| firefox-esr |
| ||||||||||||||||
| thunderbird |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||
| thunderbird |
| ||||||||||||
| mozjs38 |
| ||||||||||||
| mozjs52 |
| ||||||||||||
| mozjs68 |
| ||||||||||||
| mozjs78 |
| ||||||||||||
| mozjs91 |
| ||||||||||||
| mozjs102 |
| ||||||||||||
| mozjs115 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| MozillaFirefox |
| ||||||||||||||||||||||
| MozillaFirefox-devel |
| ||||||||||||||||||||||
| MozillaFirefox-translations-common |
| ||||||||||||||||||||||
| MozillaFirefox-translations-other |
| ||||||||||||||||||||||
| MozillaThunderbird |
| ||||||||||||||||||||||
| MozillaThunderbird-translations-common |
| ||||||||||||||||||||||
| MozillaThunderbird-translations-other |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration