Description
Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149.
Published: 2026-03-24
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

Memory safety bugs were identified in Firefox 148 and Thunderbird 148 that can lead to memory corruption. The vendor’s analysis suggests that with sufficient effort, these bugs could be exploited to execute arbitrary code. The weaknesses involve improper handling of memory buffers (CWE‑120) and related buffer size mismatches (CWE‑825). If successfully leveraged, an attacker could gain complete control over a victim’s machine via the compromised browser or email client.

Affected Systems

The flaws affect Mozilla Firefox 148 and Mozilla Thunderbird 148. They were addressed in the subsequent major release, Firefox 149 and Thunderbird 149, so any systems running the 148 releases or earlier remain vulnerable.

Risk and Exploitability

The CVSS score of 9.8 reflects a severe threat with full availability, confidentiality, and integrity impact. The EPSS score is below 1 %, indicating a low likelihood of exploitation at present, and the vulnerability is not listed in CISA’s KEV catalog. The likely attack vector is through malicious web content or email messages that contain specially crafted input to trigger the memory corruption. No publicly available exploit exists, so risk remains largely theoretical until an attacker produces a viable exploit.

Generated by OpenCVE AI on April 13, 2026 at 16:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Mozilla Firefox to version 149 or later, ensuring the latest build is installed.
  • Update Mozilla Thunderbird to version 149 or later.
  • Verify that the updated software is running and that no older versions remain on the system.
  • If an immediate upgrade is not feasible, restrict the use of the affected applications until a patch is applied, and monitor for related security advisories.

Generated by OpenCVE AI on April 13, 2026 at 16:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 13 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149 and Thunderbird < 149. Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149.

Wed, 25 Mar 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla thunderbird
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*
Vendors & Products Mozilla thunderbird

Wed, 25 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H'}

 ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Wed, 25 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-825
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H'}

threat_severity

Important

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Vendors & Products Mozilla
Mozilla firefox

Tue, 24 Mar 2026 20:30:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149. Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149 and Thunderbird < 149.
References

Tue, 24 Mar 2026 12:45:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.
Title Memory safety bugs fixed in Firefox 149 and Thunderbird 149
References

Subscriptions

Mozilla Firefox Thunderbird
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T13:51:19.687Z

Reserved: 2026-03-23T23:22:57.190Z

Link: CVE-2026-4729

cve-icon Vulnrichment

Updated: 2026-03-25T13:08:55.754Z

cve-icon NVD

Status : Modified

Published: 2026-03-24T13:16:08.830

Modified: 2026-04-13T15:17:45.597

Link: CVE-2026-4729

cve-icon Redhat

Severity : Important

Publid Date: 2026-03-24T12:30:43Z

Links: CVE-2026-4729 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-14T16:42:45Z

Weaknesses