Stay Secure with the Latest Linux Advisories

security advisoryupdateimportant

Rocky Linux 9 Update RLSA-2026-5935 Major Security Fixes for Firefox

Important: firefox security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:5930", "synopsis": "Important: firefox security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for firefox.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nSecurity Fix(es):\n\n* firefox: thunderbird: Use-after-free in the JavaScript Engine component (CVE-2026-4701)\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4721)\n\n* firefox: thunderbird: Privilege escalation in the Netmonitor component (CVE-2026-4717)\n\n* firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component (CVE-2026-4688)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4706)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4695)\n\n* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4689)\n\n* firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-4698)\n\n* firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component (CVE-2026-4716)\n\n* firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component (CVE-2026-4684)\n\n* firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4705)\n\n* firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component (CVE-2026-4715)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component(CVE-2026-4685)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4714)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-4709)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4710)\n\n* firefox: thunderbird: Information disclosure in the Widget: Cocoa component (CVE-2026-4712)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4697)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4713)\n\n* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4690)\n\n* firefox: thunderbird: Use-after-free in the Widget: Cocoa component (CVE-2026-4711)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4686)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4708)\n\n* firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component (CVE-2026-4691)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component (CVE-2026-4699)\n\n* firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component (CVE-2026-4696)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Playback component (CVE-2026-4693)\n\n* firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4718)\n\n* firefox: thunderbird: JIT miscompilation in the JavaScript Engine component (CVE-2026-4702)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component (CVE-2026-4719)\n\n* firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component (CVE-2026-4694)\n\n* firefox: thunderbird: Sandbox escape in the Responsive Design Mode component (CVE-2026-4692)\n\n* firefox: thunderbird: Memorysafety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4720)\n\n* firefox: thunderbird: Mitigation bypass in the Networking: HTTP component (CVE-2026-4700)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4707)\n\n* firefox: thunderbird: Denial-of-service in the WebRTC: Signaling component (CVE-2026-4704)\n\n* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component (CVE-2026-4687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2450710", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450710", "description": ""}, {"ticket": "2450711", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450711", "description": ""}, {"ticket": "2450712", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450712", "description": ""}, {"ticket": "2450713", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450713", "description": ""}, {"ticket": "2450714", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450714", "description": ""}, {"ticket": "2450715", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450715", "description": ""}, {"ticket": "2450718", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450718", "description": ""}, {"ticket": "2450719", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450719", "description": ""}, {"ticket": "2450720", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450720", "description": ""}, {"ticket": "2450721", "sourceBy": "Red Hat","sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450721", "description": ""}, {"ticket": "2450722", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450722", "description": ""}, {"ticket": "2450723", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450723", "description": ""}, {"ticket": "2450724", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450724", "description": ""}, {"ticket": "2450725", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450725", "description": ""}, {"ticket": "2450726", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450726", "description": ""}, {"ticket": "2450727", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450727", "description": ""}, {"ticket": "2450728", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450728", "description": ""}, {"ticket": "2450729", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450729", "description": ""}, {"ticket": "2450730", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450730", "description": ""}, {"ticket": "2450732", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450732", "description": ""}, {"ticket": "2450733", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450733", "description": ""}, {"ticket": "2450734", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450734", "description": ""}, {"ticket": "2450735", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450735", "description": ""}, {"ticket": "2450738", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450738", "description": ""}, {"ticket": "2450739", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2450739", "description": ""}, {"ticket": "2450740", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450740", "description": ""}, {"ticket": "2450741", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450741", "description": ""}, {"ticket": "2450742", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450742", "description": ""}, {"ticket": "2450744", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450744", "description": ""}, {"ticket": "2450746", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450746", "description": ""}, {"ticket": "2450747", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450747", "description": ""}, {"ticket": "2450748", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450748", "description": ""}, {"ticket": "2450751", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450751", "description": ""}, {"ticket": "2450752", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450752", "description": ""}, {"ticket": "2450755", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450755", "description": ""}, {"ticket": "2450756", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450756", "description": ""}, {"ticket": "2450757", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2450757", "description": ""}], "cves": [{"name": "CVE-2026-4684", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4684", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-364"}, {"name": "CVE-2026-4685", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4685","cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-787"}, {"name": "CVE-2026-4686", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4686", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-787"}, {"name": "CVE-2026-4687", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4687", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-501"}, {"name": "CVE-2026-4688", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4688", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-825"}, {"name": "CVE-2026-4689", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4689", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-190"}, {"name": "CVE-2026-4690", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4690", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-190"}, {"name": "CVE-2026-4691", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4691", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-825"}, {"name": "CVE-2026-4692", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4692", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-653"}, {"name": "CVE-2026-4693", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4693", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-823"}, {"name": "CVE-2026-4694", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4694", "cvss3ScoringVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-190"}, {"name": "CVE-2026-4695", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4695", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-131"}, {"name": "CVE-2026-4696", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4696", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-825"}, {"name": "CVE-2026-4697", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4697", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-787"}, {"name": "CVE-2026-4698", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4698", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-733"}, {"name": "CVE-2026-4699", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4699", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-787"}, {"name": "CVE-2026-4700", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4700", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-444"}, {"name": "CVE-2026-4701", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4701", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-825"}, {"name": "CVE-2026-4702", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4702", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-733"}, {"name": "CVE-2026-4704", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4704", "cvss3ScoringVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-770"}, {"name": "CVE-2026-4705", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4705", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": "CWE-475"}, {"name": "CVE-2026-4706", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4706", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-4707", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4707", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-823"}, {"name": "CVE-2026-4708", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4708", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-4709", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4709", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-4710", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4710", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-4711", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4711", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-825"}, {"name": "CVE-2026-4712", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4712", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "6.5", "cwe": "CWE-359"}, {"name": "CVE-2026-4713", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4713", "cvss3ScoringVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-4714", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4714", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": "CWE-125"}, {"name": "CVE-2026-4715", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4715", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "6.5", "cwe": "CWE-824"}, {"name": "CVE-2026-4716", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4716", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-824"}, {"name": "CVE-2026-4717", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4717", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-266"}, {"name": "CVE-2026-4718", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4718", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "cvss3BaseScore": "3.4", "cwe": "CWE-475"}, {"name": "CVE-2026-4719", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4719", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "cvss3BaseScore": "3.4", "cwe": "CWE-805"}, {"name": "CVE-2026-4720", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4720", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-120"}, {"name": "CVE-2026-4721", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-4721", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-825"}], "references": [], "publishedAt": "2026-04-07T12:03:55.701474Z", "rpms": {"Rocky Linux 9": {"nvras": ["firefox-0:140.9.0-1.el9_7.aarch64.rpm","firefox-0:140.9.0-1.el9_7.ppc64le.rpm", "firefox-0:140.9.0-1.el9_7.s390x.rpm", "firefox-0:140.9.0-1.el9_7.src.rpm", "firefox-0:140.9.0-1.el9_7.x86_64.rpm", "firefox-debuginfo-0:140.9.0-1.el9_7.aarch64.rpm", "firefox-debuginfo-0:140.9.0-1.el9_7.ppc64le.rpm", "firefox-debuginfo-0:140.9.0-1.el9_7.s390x.rpm", "firefox-debuginfo-0:140.9.0-1.el9_7.x86_64.rpm", "firefox-debugsource-0:140.9.0-1.el9_7.aarch64.rpm", "firefox-debugsource-0:140.9.0-1.el9_7.ppc64le.rpm", "firefox-debugsource-0:140.9.0-1.el9_7.s390x.rpm", "firefox-debugsource-0:140.9.0-1.el9_7.x86_64.rpm", "firefox-x11-0:140.9.0-1.el9_7.aarch64.rpm", "firefox-x11-0:140.9.0-1.el9_7.ppc64le.rpm", "firefox-x11-0:140.9.0-1.el9_7.s390x.rpm", "firefox-x11-0:140.9.0-1.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux 9 receives an important Firefox update fixing multiple security issues and vulnerabilities. Stay safe!. Rocky Linux 9 Firefox security update, important update, Mozilla issues, Linux security fixes. . Severity: Important. LinuxSecurity.com Team

Apr 07, 2026 •Important Rocky Linux