CVEFinder.io

CVE-2026-8094

⛔ critical
🔍 Scan for this CVE
Summary

Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.

CVSS Score
9.8
Critical
EPSS Score
0.0
Exploit Probability
Published Date
2026-05-07
First Seen: 2026-05-10
📊 Relative Risk Intelligence

This CVE is Very High Risk - more severe than 90.4% of all 321,361 vulnerabilities in our database.

#30,761
Top 10% most severe
Severity Percentile
🎯 CISA SSVC Assessment Updated: May 8, 2026
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
YES
Can be exploited automatically
💥 Technical Impact
Total
Complete system compromise possible
🏆 Discovered By
Michael Froman
SSVC data provided by CISA
Last Modified 2026-05-11
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-94

📦 Affected Products 2

Vendor Product Status Affected Versions
mozilla firefox Affected
< 140.10.2
mozilla thunderbird Affected
< 140.10.2

🔗 References 3

https://bugzilla.mozilla.org/show_bug.cgi?id=2035939
Permissions Required
https://www.mozilla.org/security/advisories/mfsa2026...
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2026...
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-8390 ⚠️ high 7.3 0.0 Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3. 2026-05-12
CVE-2026-8401 ⛔ critical 9.8 0.1 Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3. 2026-05-12
CVE-2026-8090 ⚠️ high 7.3 0.0 Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, ... 2026-05-07
CVE-2026-8091 ⛔ critical 9.8 0.0 Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thund... 2026-05-07
CVE-2026-8092 ⚠️ high 8.1 0.0 Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed ... 2026-05-07
CVE-2026-8093 ⚠️ high 8.1 0.0 Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume th... 2026-05-07
These CVEs affect the same products