Description
Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
Published: 2026-04-21
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a use‑after‑free flaw in Mozilla’s Widget: Cocoa component that exists in both Firefox and Thunderbird. The component can free an object while it is still in use, which can corrupt memory and potentially cause the application to crash or execute attacker‑controlled code if the freed memory is later reused.

Affected Systems

Mozilla Firefox versions older than 150 and Firefox ESR 140.10, and Mozilla Thunderbird versions older than 150 and Thunderbird ESR 140.10, are affected.

Risk and Exploitability

The CVSS score of 7.5 indicates high severity, while the EPSS score is not available, so the exploitation probability is uncertain. The vulnerability is not listed in CISA’s KEV catalog. The likely attack vector is within the application process, possibly via a malicious webpage, email message, or user interaction that triggers the Widget: Cocoa code path (this inference is based on typical use‑after‑free exploitation scenarios).

Generated by OpenCVE AI on April 22, 2026 at 13:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Firefox 150 or newer, or to Firefox ESR 140.10 or newer, to apply the fix for this use‑after‑free flaw.
  • Upgrade to Thunderbird 150 or newer, or to Thunderbird ESR 140.10 or newer, to apply the fix for this use‑after‑free flaw.
  • If an upgrade cannot be performed immediately, consider disabling the Widget: Cocoa component or other widget APIs that are not required for your use case to eliminate the vulnerability exposure.
  • Keep both Firefox and Thunderbird updated regularly and monitor Mozilla’s security advisories for any additional patches or guidance related to the Widget component.

Generated by OpenCVE AI on April 22, 2026 at 13:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla thunderbird
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*
Vendors & Products Mozilla thunderbird

Wed, 22 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 22 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-825
References
Metrics threat_severity

None

 threat_severity

Moderate

Wed, 22 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Description Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10. Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
Weaknesses CWE-416
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 21 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Vendors & Products Mozilla
Mozilla firefox

Tue, 21 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Description Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.
Title Use-after-free in the Widget: Cocoa component
References

Subscriptions

Mozilla Firefox Thunderbird
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-22T15:06:13.308Z

Reserved: 2026-04-21T12:40:54.035Z

Link: CVE-2026-6759

cve-icon Vulnrichment

Updated: 2026-04-21T17:48:33.083Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-21T13:16:21.857

Modified: 2026-04-22T16:08:03.650

Link: CVE-2026-6759

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-21T12:40:54Z

Links: CVE-2026-6759 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T13:45:18Z

Weaknesses