CVE Catalog

CVE-2026-14241

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

4th percentile — higher than 4% of all known CVEs

Summary

Memory safety bugs were found in Firefox 152.0.3, some showing evidence of memory corruption that could potentially be exploited to run arbitrary code. This vulnerability was fixed in Firefox 152.0.4.

Risk Assessment

The organization faces the risk of remote code execution, which could lead to data breaches or service disruption.

Recommendation

Immediately update Firefox to version 152.0.4 or later on all workstations and servers.

Original NVD description (English source)

Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152.0.4.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS