CVE-2026-6758

· NIST NVD ↗

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

HIGH
CVSS severity
7.5
CVSS base score
2026-04-21
Published

CWE codes

CWE-416

Affected products

mozilla:firefoxmozilla:thunderbird

Sources