CVE-2026-8947 PUBLISHED

Use-after-free in the DOM: Bindings (WebIDL) component

Assigner: mozilla
Reserved: 19.05.2026 Published: 19.05.2026 Updated: 19.05.2026

Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.

Product Status

Vendor Mozilla
Product Firefox
Versions
  • unaffected from 115.36 to 115.* (incl.)
  • unaffected from 140.11 to 140.* (incl.)
  • unaffected from 151 to * (incl.)

Credits

  • Satoki Tsuji

References