{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-4687/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["sandbox-escape","firefox","thunderbird","cve-2026-4687"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-4687 is a critical sandbox escape vulnerability affecting Mozilla Firefox and Thunderbird. The vulnerability stems from incorrect boundary conditions within the Telemetry component. Specifically, Firefox versions prior to 149, Firefox ESR versions prior to 115.34 and 140.9, and Thunderbird versions prior to 149 and 140.9 are affected. Successful exploitation could allow an attacker to bypass the intended security restrictions of the sandbox environment and potentially execute arbitrary…\u003c/p\u003e\n","date_modified":"2026-03-24T13:16:04Z","date_published":"2026-03-24T13:16:04Z","id":"/briefs/2026-03-firefox-sandbox-escape/","summary":"CVE-2026-4687 is a sandbox escape vulnerability in Firefox and Thunderbird due to incorrect boundary conditions in the Telemetry component, potentially allowing an attacker to execute arbitrary code outside the sandbox.","title":"Firefox and Thunderbird Sandbox Escape Vulnerability (CVE-2026-4687)","url":"https://feed.craftedsignal.io/briefs/2026-03-firefox-sandbox-escape/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-4687","version":"https://jsonfeed.org/version/1.1"}