Alerts This Week
Warning Icon 1 975
Alerts This Week
Warning Icon 1 975

SUSE MozillaFirefox Important Security Update 2026-1649-1

suse
Calendar Grey April 29, 2026
Dist Suse Esm H88
25 vulnerabilities fixed in important security update for MozillaFirefox on SUSE, addressing privilege escalation and memory safety.
An update that solves 25 vulnerabilities can now be installed.

Summary

## This update for MozillaFirefox fixes the following issue: Update to Firefox Extended Support Release 140.10.0 ESR (bsc#1262230, MFSA 2026-32): * CVE-2026-6746: Use-after-free in the DOM: Core & HTML component. * CVE-2026-6747: Use-after-free in the WebRTC component. * CVE-2026-6748: Uninitialized memory in the Audio/Video: Web Codecs component. * CVE-2026-6749: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. * CVE-2026-6750: Privilege escalation in the Graphics: WebRender component. * CVE-2026-6751: Uninitialized memory in the Audio/Video: Web Codecs component. * CVE-2026-6752: Incorrect boundary conditions in the WebRTC component. * CVE-2026-6753: Incorrect boundary conditions in the WebRTC component.

Topics%20covered

Topics Covered

security advisory SuSE privilege escalation important memory safety mozilla firefox

References

* bsc#1262230

Cross-

* CVE-2026-6746

* CVE-2026-6747

* CVE-2026-6748

* CVE-2026-6749

* CVE-2026-6750

* CVE-2026-6751

* CVE-2026-6752

* CVE-2026-6753

* CVE-2026-6754

* CVE-2026-6757

* CVE-2026-6759

* CVE-2026-6761

* CVE-2026-6762

* CVE-2026-6763

* CVE-2026-6764

* CVE-2026-6765

* CVE-2026-6766

* CVE-2026-6767

* CVE-2026-6769

* CVE-2026-6770

* CVE-2026-6771

* CVE-2026-6772

* CVE-2026-6776

* CVE-2026-6785

* CVE-2026-6786

CVSS scores:

* CVE-2026-6746 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-6747 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-6748 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2026-6749 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1649-1
Release Date: 2026-04-28T18:52:37Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE privilege escalation important memory safety mozilla firefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here