Description
Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Published: 2026-05-19
Score: 9.6 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the Widget: Win32 component allows a malicious page to bypass the browser sandbox by exploiting incorrect boundary checks. The bug can lead to execution with higher privileges than the sandbox grants, potentially compromising the confidentiality, integrity, and availability of the host system. The issue is resolved by adding proper bounds checking to the component.

Affected Systems

Mozilla Firefox, all builds prior to Firefox 151 and Firefox ESR 140.11, were affected. The security update was released for Firefox 151 and Firefox ESR 140.11 and later versions.

Risk and Exploitability

No CVSS score is provided and the EPSS score is not available, but the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote, originating from a malicious web page or content delivered through the affected component. The risk is elevated given the potential for sandbox escape, but the exploitation probability remains unknown.

Generated by OpenCVE AI on May 19, 2026 at 14:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Mozilla Firefox to version 151 or newer
  • Upgrade Mozilla Firefox ESR to 140.11 or newer
  • If an update cannot be applied immediately, restrict exposure to untrusted content by disabling the Widget: Win32 component or using a hardened sandbox configuration

Generated by OpenCVE AI on May 19, 2026 at 14:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 19 May 2026 17:45:00 +0000

Type Values Removed Values Added
Description Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11. Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
References

Tue, 19 May 2026 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Vendors & Products Mozilla
Mozilla firefox

Tue, 19 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
CWE-693
Metrics cvssV3_1

{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 19 May 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
CWE-20

Tue, 19 May 2026 13:45:00 +0000

Type Values Removed Values Added
Description Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Title Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
References

Subscriptions

Mozilla Firefox
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-05-19T17:10:50.516Z

Reserved: 2026-05-19T12:29:54.802Z

Link: CVE-2026-8959

cve-icon Vulnrichment

Updated: 2026-05-19T16:07:03.195Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-19T14:16:52.280

Modified: 2026-05-19T17:16:25.130

Link: CVE-2026-8959

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-19T17:00:11Z

Weaknesses