CVE-2026-6752
Incorrect boundary conditions in the WebRTC component
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
21 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References
https://access.redhat.com/errata/RHSA-2026:10757https://access.redhat.com/errata/RHSA-2026:10766https://access.redhat.com/errata/RHSA-2026:10767https://access.redhat.com/errata/RHSA-2026:12285https://access.redhat.com/errata/RHSA-2026:13537https://access.redhat.com/errata/RHSA-2026:15892https://access.redhat.com/errata/RHSA-2026:17477https://access.redhat.com/errata/RHSA-2026:17687https://access.redhat.com/errata/RHSA-2026:17688https://access.redhat.com/errata/RHSA-2026:17689https://access.redhat.com/errata/RHSA-2026:17690https://access.redhat.com/errata/RHSA-2026:19041