https://feed.craftedsignal.io/tags/cve-2026-4688/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 24 Mar 2026 13:16:04 +0000https://feed.craftedsignal.io/briefs/2026-03-firefox-use-after-free/Tue, 24 Mar 2026 13:16:04 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-firefox-use-after-free/A use-after-free vulnerability in the Disability Access APIs component of Mozilla Firefox and Thunderbird (CVE-2026-4688) allows for sandbox escape, potentially leading to arbitrary code execution outside the sandbox.<p>CVE-2026-4688 is a critical use-after-free vulnerability residing within the Disability Access APIs component of Mozilla Firefox and Thunderbird. Discovered and reported by Mozilla, this flaw allows for a sandbox escape, meaning an attacker could potentially execute arbitrary code outside the security sandbox normally imposed by the browser or email client. This vulnerability affects Firefox versions prior to 149, Firefox ESR (Extended Support Release) versions prior to 140.9, Thunderbird…</p> criticaladvisoryuse-after-freesandbox-escapecve-2026-4688