Mozilla Firefox Canvas2D Improper Boundary Condition Vulnerability (CVE-2026-4685)
An improper boundary condition vulnerability in the Canvas2D component of Mozilla Firefox, Firefox ESR, and Thunderbird (CVE-2026-4685) could allow for a denial-of-service condition.
CVE-2026-4685 describes an incorrect boundary condition in the Graphics: Canvas2D component affecting Mozilla Firefox versions prior to 149, Firefox ESR versions prior to 115.34 and 140.9, and Thunderbird versions prior to 149 and 140.9. This vulnerability could be exploited by a remote attacker to cause a denial-of-service condition. Successful exploitation of this vulnerability could result in the application crashing or becoming unresponsive. The vulnerability was reported and patched by…
Detection coverage 2
Detect Firefox Process Crashes
mediumDetects crashes of the Firefox process, potentially indicating exploitation of vulnerabilities like CVE-2026-4685.
Detect Thunderbird Process Crashes
mediumDetects crashes of the Thunderbird process, potentially indicating exploitation of vulnerabilities like CVE-2026-4685.
Detection queries are kept inside the platform. Get full rules →