CVE-2026-2805 - Vulnerability Details

- Invalid pointer in the DOM: Core & HTML component

Description

Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

Published: 2026-02-24

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An invalid pointer in the core and HTML components of the DOM can lead to memory corruption that may allow an attacker to execute arbitrary code on the affected system. The flaw is categorized as CWE‑824, which indicates an unrecovered invalid pointer usage that can be exploited for compromising application integrity.

Affected Systems

Mozilla Firefox versions prior to 148 and Mozilla Thunderbird versions prior to 148 are affected. The vulnerability is present in all builds of both browsers that use the vulnerable DOM implementation, as reflected by the CPE entries for Firefox and Thunderbird.

Risk and Exploitability

The CVSS score of 9.8 reflects severe potential impact and the very low EPSS (<1%) suggests a modest likelihood of exploitation at this time. The vulnerability is not listed in the CISA KEV catalog, indicating no confirmed widespread exploitation yet. The likely attack vector is delivering malicious web content or HTML emails that trigger the invalid pointer usage, potentially enabling remote code execution or privilege escalation. Successful exploitation would compromise confidentiality, integrity, and availability of the victim’s data and system.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Mozilla

Firefox

affected

Version	Status	Constraints
`148`	unaffected	≤ *

Mozilla

Thunderbird

affected

Version	Status	Constraints
`148`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox:::::-:::*
	cpe:2.3:a:mozilla:thunderbird:::::-:::*

No data.

Vendor Product Confidence Versions

Mozilla

Firefox

100%

Version	Status	Scheme	Platform
`[0,148)`	affected	generic	—

Mozilla

Thunderbird

100%

Version	Status	Scheme	Platform
`[0,148)`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Mozilla Firefox to version 148 or later
Upgrade Mozilla Thunderbird to version 148 or later
If an immediate upgrade is not possible, restrict the execution of untrusted web content and monitor for the release of official security patches

Generated by OpenCVE AI on April 15, 2026 at 16:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00023.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=2014549
https://nvd.nist.gov/vuln/detail/CVE-2026-2805
https://www.cve.org/CVERecord?id=CVE-2026-2805
https://www.mozilla.org/security/advisories/mfsa2026-13/
https://www.mozilla.org/security/advisories/mfsa2026-13/#CVE-2026-2805
https://www.mozilla.org/security/advisories/mfsa2026-16/
https://www.mozilla.org/security/advisories/mfsa2026-16/#CVE-2026-2805

History

Mon, 13 Apr 2026 14:30:00 +0000

Type	Values Removed	Values Added
Description	Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.	Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

Sat, 28 Feb 2026 00:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2026-2805 https://www.cve.org/CVERecord?id=CVE-2026-2805 https://www.mozilla.org/security/advisories/mfsa2026-13/#CVE-2026-2805 https://www.mozilla.org/security/advisories/mfsa2026-16/#CVE-2026-2805
Metrics	threat_severity `None`	threat_severity `Moderate`

Wed, 25 Feb 2026 22:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-824
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 25 Feb 2026 19:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:mozilla:firefox:::::-:::* cpe:2.3:a:mozilla:thunderbird:::::-:::*
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Wed, 25 Feb 2026 12:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mozilla Mozilla firefox Mozilla thunderbird
Vendors & Products		Mozilla Mozilla firefox Mozilla thunderbird

Tue, 24 Feb 2026 18:00:00 +0000

Type	Values Removed	Values Added
Description	Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.	Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
References		https://www.mozilla.org/security/advisories/mfsa2026-16/

Tue, 24 Feb 2026 14:00:00 +0000

Type	Values Removed	Values Added
Description		Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.
Title		Invalid pointer in the DOM: Core & HTML component
References		https://bugzilla.mozilla.org/show_bug.cgi?id=2014549 https://www.mozilla.org/security/advisories/mfsa2026-13/

Subscriptions

Mozilla Firefox Thunderbird

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2026-02-24T13:33:32.768Z

Updated: 2026-04-13T13:54:35.780Z

Reserved: 2026-02-19T15:07:03.616Z

Link: CVE-2026-2805

Vulnrichment

Updated: 2026-02-25T21:28:38.852Z

NVD

Status : Modified

Published: 2026-02-24T14:16:29.010

Modified: 2026-04-13T15:17:31.857

Link: CVE-2026-2805

Redhat

Severity : Moderate

Publid Date: 2026-02-24T13:33:32Z

Links: CVE-2026-2805 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-15T17:00:07Z

Weaknesses

CWE-824
Access of Uninitialized Pointer
NVD-CWE-noinfo

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object