{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-4688/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["use-after-free","sandbox-escape","cve-2026-4688"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-4688 is a critical use-after-free vulnerability residing within the Disability Access APIs component of Mozilla Firefox and Thunderbird. Discovered and reported by Mozilla, this flaw allows for a sandbox escape, meaning an attacker could potentially execute arbitrary code outside the security sandbox normally imposed by the browser or email client. This vulnerability affects Firefox versions prior to 149, Firefox ESR (Extended Support Release) versions prior to 140.9, Thunderbird…\u003c/p\u003e\n","date_modified":"2026-03-24T13:16:04Z","date_published":"2026-03-24T13:16:04Z","id":"/briefs/2026-03-firefox-use-after-free/","summary":"A use-after-free vulnerability in the Disability Access APIs component of Mozilla Firefox and Thunderbird (CVE-2026-4688) allows for sandbox escape, potentially leading to arbitrary code execution outside the sandbox.","title":"Mozilla Firefox and Thunderbird Use-After-Free Vulnerability (CVE-2026-4688)","url":"https://feed.craftedsignal.io/briefs/2026-03-firefox-use-after-free/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-4688","version":"https://jsonfeed.org/version/1.1"}