CVE-2026-10701 - Vulnerability Details

Description

Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3.

Published: 2026-06-02

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability arises from incorrect boundary checks in the Graphics: Text component of Mozilla Firefox. The CVE description does not specify the impact or exploitation mechanism, only noting that the flaw was fixed in Firefox 151.0.3.

Affected Systems

All users of Mozilla Firefox on any operating system running a version earlier than 151.0.3 are affected. The issue was fixed in Firefox 151.0.3, so versions 151.0.2 and below remain vulnerable.

Risk and Exploitability

With no EPSS score available and not listed in KEV, the likelihood of exploitation remains uncertain. The CVE description does not provide information on severity or exploitation vectors, making risk assessment challenging. No public exploit is documented, so the vulnerability may be low to moderate risk pending further details.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Mozilla

Firefox

affected

Version	Status	Constraints
`151.0.3`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Mozilla

Firefox

100%

Version	Status	Scheme	Platform
`[151.0.3,*]`	unaffected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Firefox to version 151.0.3 or later.
If an upgrade is delayed, consider disabling or restricting execution of untrusted web content that can trigger the Graphics: Text component, for example by using stricter content security policies.
Monitor browser logs and system behavior for signs of crashes or unexpected behavior that could indicate exploitation.
Enable or enforce sandboxing features for the browser to limit the damage potential of any exploitation.

Generated by OpenCVE AI on June 3, 2026 at 04:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=2038537
https://www.mozilla.org/security/advisories/mfsa2026-54/

History

Wed, 03 Jun 2026 04:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-119

Wed, 03 Jun 2026 04:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mozilla Mozilla firefox
Vendors & Products		Mozilla Mozilla firefox

Wed, 03 Jun 2026 02:30:00 +0000

Type	Values Removed	Values Added
Description		Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3.
Title		Incorrect boundary conditions in the Graphics: Text component
References		https://bugzilla.mozilla.org/show_bug.cgi?id=2038537 https://www.mozilla.org/security/advisories/mfsa2026-54/

Subscriptions

Mozilla Firefox

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2026-06-02T17:15:59.828Z

Updated: 2026-06-02T17:15:59.828Z

Reserved: 2026-06-02T17:12:56.980Z

Link: CVE-2026-10701

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-02T20:16:33.227

Modified: 2026-06-02T20:16:33.227

Link: CVE-2026-10701

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T04:30:05Z

Weaknesses

CWE-119

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object