{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/mozilla-firefox/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["sandbox escape","integer overflow","mozilla firefox","mozilla thunderbird","cve-2026-4690"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-4690 is a critical vulnerability affecting Mozilla Firefox, Firefox ESR, and Thunderbird. The root cause lies in incorrect boundary conditions coupled with an integer overflow within the XPCOM component. Successful exploitation allows an attacker to bypass the sandbox protections, potentially leading to arbitrary code execution outside the confines of the browser\u0026rsquo;s security measures. The vulnerability impacts Firefox versions earlier than 149, Firefox ESR versions prior to 115.34 and…\u003c/p\u003e\n","date_modified":"2026-03-24T13:16:04Z","date_published":"2026-03-24T13:16:04Z","id":"/briefs/2024-01-cve-2026-4690-firefox-sandbox-escape/","summary":"A sandbox escape vulnerability, identified as CVE-2026-4690, exists in the XPCOM component of Mozilla Firefox, Firefox ESR, and Thunderbird due to incorrect boundary conditions and an integer overflow, potentially allowing an attacker to execute arbitrary code outside the sandbox.","title":"CVE-2026-4690: Mozilla Firefox, Firefox ESR, and Thunderbird XPCOM Sandbox Escape","url":"https://feed.craftedsignal.io/briefs/2024-01-cve-2026-4690-firefox-sandbox-escape/"}],"language":"en","title":"CraftedSignal Threat Feed — Mozilla Firefox","version":"https://jsonfeed.org/version/1.1"}