QwikSec

Security Database

CVE

CWE

Training

CVE-2026-8090

Published: May 7, 2026

Modified: May 8, 2026

PUBLISHED

Description

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.

Vendor	Product	Versions
Mozilla	Firefox	unaffected `115.35.2 - <= 115.` unaffected `140.10.2 - <= 140.` unaffected `150.0.2 - <= *`
Mozilla	Thunderbird	unaffected `140.10.2 - <= 140.` unaffected `150.0.2 - <= `

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2034352

https://www.mozilla.org/security/advisories/mfsa2026-40/

https://www.mozilla.org/security/advisories/mfsa2026-41/

https://www.mozilla.org/security/advisories/mfsa2026-42/

https://www.mozilla.org/security/advisories/mfsa2026-43/

https://www.mozilla.org/security/advisories/mfsa2026-44/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.