VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-gk4z-t62t-bkha

Essentials
Severities (20)
References (43)
Severity details (19)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-gk4z-t62t-bkha
Aliases	CVE-2026-2781
Summary
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
cvssv3	6.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json
epss	0.00057	https://api.first.org/data/v1/epss?cve=CVE-2026-2781
cvssv3.1	8.8	https://bugzilla.mozilla.org/show_bug.cgi?id=2009552
ssvc	Track	https://bugzilla.mozilla.org/show_bug.cgi?id=2009552
cvssv3.1	6.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2026-13/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2026-13/
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2026-15/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2026-15/
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2026-16/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2026-16/
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2026-17/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2026-17/
cvssv3.1	8.8	https://www.mozilla.org/security/advisories/mfsa2026-31/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2026-31/

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json
		https://api.first.org/data/v1/epss?cve=CVE-2026-2781
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2442292		https://bugzilla.redhat.com/show_bug.cgi?id=2442292
mfsa2026-13		https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
mfsa2026-13		https://www.mozilla.org/security/advisories/mfsa2026-13/
mfsa2026-15		https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
mfsa2026-15		https://www.mozilla.org/security/advisories/mfsa2026-15/
mfsa2026-16		https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
mfsa2026-16		https://www.mozilla.org/security/advisories/mfsa2026-16/
mfsa2026-17		https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
mfsa2026-17		https://www.mozilla.org/security/advisories/mfsa2026-17/
mfsa2026-31		https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
mfsa2026-31		https://www.mozilla.org/security/advisories/mfsa2026-31/
RHSA-2026:3338		https://access.redhat.com/errata/RHSA-2026:3338
RHSA-2026:3339		https://access.redhat.com/errata/RHSA-2026:3339
RHSA-2026:3361		https://access.redhat.com/errata/RHSA-2026:3361
RHSA-2026:3491		https://access.redhat.com/errata/RHSA-2026:3491
RHSA-2026:3492		https://access.redhat.com/errata/RHSA-2026:3492
RHSA-2026:3493		https://access.redhat.com/errata/RHSA-2026:3493
RHSA-2026:3494		https://access.redhat.com/errata/RHSA-2026:3494
RHSA-2026:3495		https://access.redhat.com/errata/RHSA-2026:3495
RHSA-2026:3496		https://access.redhat.com/errata/RHSA-2026:3496
RHSA-2026:3497		https://access.redhat.com/errata/RHSA-2026:3497
RHSA-2026:3515		https://access.redhat.com/errata/RHSA-2026:3515
RHSA-2026:3516		https://access.redhat.com/errata/RHSA-2026:3516
RHSA-2026:3517		https://access.redhat.com/errata/RHSA-2026:3517
RHSA-2026:3976		https://access.redhat.com/errata/RHSA-2026:3976
RHSA-2026:3978		https://access.redhat.com/errata/RHSA-2026:3978
RHSA-2026:3979		https://access.redhat.com/errata/RHSA-2026:3979
RHSA-2026:3980		https://access.redhat.com/errata/RHSA-2026:3980
RHSA-2026:3981		https://access.redhat.com/errata/RHSA-2026:3981
RHSA-2026:3982		https://access.redhat.com/errata/RHSA-2026:3982
RHSA-2026:3983		https://access.redhat.com/errata/RHSA-2026:3983
RHSA-2026:3984		https://access.redhat.com/errata/RHSA-2026:3984
RHSA-2026:4022		https://access.redhat.com/errata/RHSA-2026:4022
RHSA-2026:4152		https://access.redhat.com/errata/RHSA-2026:4152
RHSA-2026:4260		https://access.redhat.com/errata/RHSA-2026:4260
RHSA-2026:4432		https://access.redhat.com/errata/RHSA-2026:4432
show_bug.cgi?id=2009552		https://bugzilla.mozilla.org/show_bug.cgi?id=2009552
USN-8071-1		https://usn.ubuntu.com/8071-1/
USN-8071-2		https://usn.ubuntu.com/8071-2/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://bugzilla.mozilla.org/show_bug.cgi?id=2009552

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/ Found at https://bugzilla.mozilla.org/show_bug.cgi?id=2009552

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2026-13/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2026-13/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2026-15/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2026-15/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2026-16/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2026-16/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2026-17/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2026-17/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/security/advisories/mfsa2026-31/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2026-31/

Exploit Prediction Scoring System (EPSS)

Percentile	0.18203
EPSS Score	0.00057
Published At	May 29, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-29T08:25:44.689992+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2026/mfsa2026-15.yml	38.6.0