Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

SUSE 2026 MozillaFirefox Key Security Notice SUSE-SU-2026-8347-2

suse
Calendar Grey March 27, 2026
Dist Suse Esm H88
SUSE updates Mozilla Firefox addressing 38 vulnerabilities with important release fixes. Stay secure with the latest patches.
An update that solves 38 vulnerabilities can now be installed.

Summary

## This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR (MFSA 2026-22, bsc#1260083): * CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component * CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component * CVE-2026-4686: Incorrect boundary conditions in the Graphics: Canvas2D component * CVE-2026-4687: Sandbox escape due to incorrect boundary conditions in the Telemetry component * CVE-2026-4688: Sandbox escape due to use-after-free in the Disability Access APIs component * CVE-2026-4689: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component * CVE-2026-4690: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component

References

* bsc#1260083

Cross-

* CVE-2025-59375

* CVE-2026-4684

* CVE-2026-4685

* CVE-2026-4686

* CVE-2026-4687

* CVE-2026-4688

* CVE-2026-4689

* CVE-2026-4690

* CVE-2026-4691

* CVE-2026-4692

* CVE-2026-4693

* CVE-2026-4694

* CVE-2026-4695

* CVE-2026-4696

* CVE-2026-4697

* CVE-2026-4698

* CVE-2026-4699

* CVE-2026-4700

* CVE-2026-4701

* CVE-2026-4702

* CVE-2026-4704

* CVE-2026-4705

* CVE-2026-4706

* CVE-2026-4707

* CVE-2026-4708

* CVE-2026-4709

* CVE-2026-4710

* CVE-2026-4711

* CVE-2026-4712

* CVE-2026-4713

* CVE-2026-4714

* CVE-2026-4715

* CVE-2026-4716

* CVE-2026-4717

* CVE-2026-4718

* CVE-2026-4719

* CVE-2026-4720

* CVE-2026-4721

CVSS scores:

* CVE-2025-59375 ( SUSE ): 8.2

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1127-1
Release Date: 2026-03-27T14:43:08Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here