https://feed.craftedsignal.io/tags/cve-2026-4687/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 24 Mar 2026 13:16:04 +0000https://feed.craftedsignal.io/briefs/2026-03-firefox-sandbox-escape/Tue, 24 Mar 2026 13:16:04 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-firefox-sandbox-escape/CVE-2026-4687 is a sandbox escape vulnerability in Firefox and Thunderbird due to incorrect boundary conditions in the Telemetry component, potentially allowing an attacker to execute arbitrary code outside the sandbox.<p>CVE-2026-4687 is a critical sandbox escape vulnerability affecting Mozilla Firefox and Thunderbird. The vulnerability stems from incorrect boundary conditions within the Telemetry component. Specifically, Firefox versions prior to 149, Firefox ESR versions prior to 115.34 and 140.9, and Thunderbird versions prior to 149 and 140.9 are affected. Successful exploitation could allow an attacker to bypass the intended security restrictions of the sandbox environment and potentially execute arbitrary…</p> criticaladvisorysandbox-escapefirefoxthunderbirdcve-2026-4687