Description
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
Published: 2026-03-24
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Memory corruption potentially leading to arbitrary code execution
Action: Apply Patch
AI Analysis

Impact

This vulnerability arises from incorrect boundary conditions in the Layout: Text and Fonts component. The flaw can cause uncontrolled memory writes, which may overwrite sensitive data and give an attacker the ability to execute arbitrary code within the context of the application. The primary impact is therefore a compromise of confidentiality, integrity, and availability of the affected system.

Affected Systems

The affected products are Mozilla Firefox and Mozilla Thunderbird. Versions prior to Firefox 149, Firefox ESR 115.34 and 140.9, Thunderbird 149, and Thunderbird 140.9 are vulnerable. All newer releases contain the fix.

Risk and Exploitability

The CVSS score is 7.5, indicating high severity. EPSS is reported as less than 1%, suggesting a low probability of exploitation. It is not listed in CISA's KEV catalog. The likely attack vector involves crafted content rendered by the application; based on the component involved, the attack is inferred to be executed when the user opens a malicious web page or document that triggers the layout engine. No explicit vector is described in the input, so this inference is made from the nature of the component.

Generated by OpenCVE AI on April 13, 2026 at 15:49 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install Firefox 149 or newer, or Firefox ESR 115.34/140.9 or newer; download and install Thunderbird 149 or newer, or Thunderbird ESR 140.9 or newer.
  • If upgrading immediately is not possible, restrict use of older browsers or configure content security policies to limit rendering of untrusted content.
  • Monitor Mozilla advisory feeds for future updates and apply patches as they become available.

Advisories

| Source | ID | Title |
|---|---|---|
| Debian DLA | DLA-4510-1 | firefox-esr security update |
| Debian DLA | DLA-4511-1 | thunderbird security update |
| Debian DSA | DSA-6178-1 | firefox-esr security update |
| Debian DSA | DSA-6179-1 | thunderbird security update |

History

Mon, 13 Apr 2026 14:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |

Thu, 26 Mar 2026 13:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Thu, 26 Mar 2026 00:15:00 +0000


Wed, 25 Mar 2026 12:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Mozilla firefox Esr |
| Vendors & Products | | Mozilla firefox Esr |

Tue, 24 Mar 2026 20:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Mozilla; Mozilla firefox |
| Weaknesses | | CWE-754 |
| CPEs | | cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*; cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* |
| Vendors & Products | | Mozilla; Mozilla firefox |
| Metrics | | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'} |


Tue, 24 Mar 2026 20:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9. | Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| References | | |

Tue, 24 Mar 2026 12:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9. |
| Title | | Incorrect boundary conditions in the Layout: Text and Fonts component |
| References | | |

MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T13:50:14.423Z

Reserved: 2026-03-23T23:22:01.062Z

Link: CVE-2026-4699

Vulnrichment

Updated: 2026-03-26T13:01:05.549Z

NVD

Status: Modified

Published: 2026-03-24T13:16:05.900

Modified: 2026-04-13T15:17:39.350

Link: CVE-2026-4699

Redhat

Severity: Important

Public Date: 2026-03-24T12:30:28Z

Links: CVE-2026-4699 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-14T16:43:30Z

Weaknesses