CVE-2026-2781

Published: March 3, 2026Last modified: March 6, 2026

Description

Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Severity score breakdown

Status

References

• https://bugzilla.mozilla.org/show_bug.cgi?id=2009552
• https://lists.debian.org/debian-lts-announce/2026/03/msg00012.html
• https://www.mozilla.org/security/advisories/mfsa2026-13/
• https://www.mozilla.org/security/advisories/mfsa2026-15/
• https://www.mozilla.org/security/advisories/mfsa2026-16/
• https://www.mozilla.org/security/advisories/mfsa2026-17/