CVE-2026-14241
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk4th percentile — higher than 4% of all known CVEs
Summary
Memory safety bugs were found in Firefox 152.0.3, some showing evidence of memory corruption that could potentially be exploited to run arbitrary code. This vulnerability was fixed in Firefox 152.0.4.
Risk Assessment
The organization faces the risk of remote code execution, which could lead to data breaches or service disruption.
Recommendation
Immediately update Firefox to version 152.0.4 or later on all workstations and servers.
Original NVD description (English source)
Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152.0.4.

