Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:mozilla/Firefox@149.0.0
purl pkg:mozilla/Firefox@149.0.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-mm6w-kpe8-4kg3 Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. CVE-2026-4684

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:16:37.080316+00:00 Mozilla Importer Fixing VCID-mm6w-kpe8-4kg3 https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2026/mfsa2026-20.yml 38.0.0