critical advisory

Mozilla Firefox and Thunderbird Use-After-Free Vulnerability (CVE-2026-4723)

A use-after-free vulnerability, CVE-2026-4723, in the JavaScript Engine of Mozilla Firefox and Thunderbird before version 149 could allow arbitrary code execution if successfully exploited by an attacker.

CVE-2026-4723 is a critical use-after-free vulnerability affecting the JavaScript Engine component in Mozilla Firefox and Thunderbird. This flaw exists in versions prior to 149. A remote attacker could potentially exploit this vulnerability by crafting malicious JavaScript code that, when processed by a vulnerable browser or email client, triggers the use-after-free condition. The vulnerability was reported by Mozilla Corporation and assigned a CVSS v3.1 base score of 9.8, indicating a high…

Detection coverage (2 rules)

Detect JavaScript Use-After-Free Attempt

Severity: high

Detects attempts to trigger a use-after-free vulnerability by monitoring JavaScript execution in web server logs.

Format: sigma; tactics: initial_access; techniques: T1189, T1190, T1203; sources: webserver, linux

Network Connection from Firefox/Thunderbird Post JavaScript

Severity: medium

Detects outbound network connections initiated by Firefox or Thunderbird shortly after JavaScript execution, which might indicate code execution from a UAF vulnerability.

Format: sigma; tactics: command_and_control; techniques: T1071.001; sources: network_connection, windows

Detection queries are kept inside the platform.