Primary

Context

Mozilla Firefox and Firefox ESR Sandbox Escape Vulnerability in Disability Access APIs Component

Vulnerability

Patched

A use-after-free vulnerability has been identified in the Disability Access APIs component of Mozilla Firefox. This vulnerability creates a sandbox escape, allowing potentially harmful actions to be performed outside of the intended security boundaries. It affects multiple versions of Firefox and Firefox ESR.

Impact

Exploitation of this vulnerability allows for a sandbox escape, enabling malicious actions to be performed outside of the application's security restrictions.

Remediation

Users can upgrade to Firefox 151, Firefox ESR 115.36, or Firefox ESR 140.11 to address this vulnerability.

Added: May 19, 2026, 2:46 PM

Updated: May 19, 2026, 2:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

4.2

remediation

7.7

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

4.2

remediation

7.7

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox and Firefox ESR Sandbox Escape Vulnerability in Disability Access APIs Component

Vulnerability

Impact

Remediation

Affected Products

Mozilla Firefox

Mozilla Firefox ESR

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating