https://feed.craftedsignal.io/tags/cve-2026-4723/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 24 Mar 2026 13:16:08 +0000https://feed.craftedsignal.io/briefs/2026-03-firefox-thunderbird-uaf/Tue, 24 Mar 2026 13:16:08 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-firefox-thunderbird-uaf/A use-after-free vulnerability, CVE-2026-4723, in the JavaScript Engine of Mozilla Firefox and Thunderbird before version 149 could allow arbitrary code execution if successfully exploited by an attacker.<p>CVE-2026-4723 is a critical use-after-free vulnerability affecting the JavaScript Engine component in Mozilla Firefox and Thunderbird. This flaw exists in versions prior to 149. A remote attacker could potentially exploit this vulnerability by crafting malicious JavaScript code that, when processed by a vulnerable browser or email client, triggers the use-after-free condition. The vulnerability was reported by Mozilla Corporation and assigned a CVSS v3.1 base score of 9.8, indicating a high…</p> criticaladvisoryuse-after-freefirefoxthunderbirdjavascriptcve-2026-4723