CVE Catalog
CVE-2026-8094
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.45%
36th percentile — higher than 36% of all known CVEs
Summary
An unspecified vulnerability was found in the WebRTC component of Firefox and Thunderbird. The flaw was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.
Risk Assessment
The vulnerability could allow an attacker to execute arbitrary code or compromise data confidentiality during WebRTC communications, posing a risk to user security.
Recommendation
Immediately update Firefox ESR to version 140.10.2 or later and Thunderbird to version 140.10.2 or later.
Original NVD description (English source)
Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.

