Firefox 147 Security Advisory: Sandbox Escape, UAF, and Info Disclosure (CVE-2026-0877 to 0888)

Key Information Announcement Date: January 13, 2026 Impact: High Product: Firefox Fixed Version: Firefox 147 Vulnerability Details CVE-2026-0877 - Description: Mitigation bypass in the DOM: Security component - Reporter: mingjung - Impact: High - Reference: Bug 1999257 CVE-2026-0878 - Description: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component - Reporter: Oskar L - Impact: High - Reference: Bug 2003989 CVE-2026-0879 - Description: Sandbox escape due to incorrect boundary conditions in the Graphics component - Reporter: Oskar L - Impact: High - Reference: Bug 2004602 CVE-2026-0880 - Description: Sandbox escape due to integer overflow in the Graphics component - Reporter: Oskar L - Impact: High - Reference: Bug 2005014 CVE-2026-0881 - Description: Sandbox escape in the Messaging System component - Reporter: Andrew McCreight - Impact: High - Reference: Bug 2005845 CVE-2026-0882 - Description: Use-after-free in the IPC component - Reporter: Randell Jesup - Impact: High - Reference: Bug 1924125 CVE-2026-0883 - Description: Information disclosure in the Networking component - Reporter: Vladislav Plyatsok - Impact: Moderate - Reference: Bug 1989340 CVE-2026-0884 - Description: Use-after-free in the JavaScript Engine component - Reporter: Gary Kwong and Nan Wang - Impact: Moderate - Reference: Bug 2003588 CVE-2026-0885 - Description: Use-after-free in the JavaScript: GC component - Reporter: Irvan Kurniawan - Impact: Moderate - Reference: Bug 2003607 CVE-2026-0886 - Description: Incorrect boundary conditions in the Graphics component - Reporter: Oskar L - Impact: Moderate - Reference: Bug 2005658 CVE-2026-0887 - Description: Clickjacking issue, information disclosure in the PDF Viewer component - Reporter: Lyra Rebane - Impact: Moderate - Reference: Bug 2006500 CVE-2026-0888 - Description: Information disclosure in the XML component - Reporter: Pier Angelo Vendrame - Impact: Low - Reference: Bug 1985996 CVE-2026-0889 - Description: Denial-of-service in the DOM: Service Workers component - Reporter: Elysee Franchuk, Caleb Lerch - Impact: Low - Reference: Bug 1999084 CVE-2026-0890 - Description: Spoofing issue in the DOM: Copy & Paste and Drag & Drop component - Reporter: Edgar Chen - Impact: Low - Reference: Bug 2005081 CVE-2026-0891 - Description: Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147 - Reporter: Andrew McCreight, Dennis Jackson and the Mozilla Fuzzing Team - Impact: High - Description: Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. - Reference: Bug 1999257 - Reference: Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147 CVE-2026-0892 - Description: Memory safety bugs fixed in Firefox 147 and Thunderbird 147 - Reporter: Hiroyuki Ikezoe, Jon Coppeard, Maurice Dauer and the Mozilla Fuzzing Team - Impact: Moderate - Description: Memory safety bugs present in Firefox 146 and Thunderbird 146. - Reference: Bug 2003588 - Reference: Memory safety bugs fixed in Firefox 147 and Thunderbird 147

Goal Reached Thanks to every supporter — we hit 100%!

Firefox 147 Security Advisory: Sandbox Escape, UAF, and Info Disclosure (CVE-2026-0877 to 0888)

More from this source