Critical Severity Vulnerability
This vulnerability has been rated as Critical severity. Immediate action is recommended.
CVE-2026-7321
Critical
Low
Medium
High
Critical
9.6
CVSS Score
Vulnerability Description
Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox ESR 140.10.1.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
R
Scope
C
Confidentiality
H
Integrity
H
Availability
H
Severity Details
9.6
out of 10.0
Critical
Weakness Type (CWE)
CWE-120
Top 25 #18
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- Description
- The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Base
Key Information
- Published Date
- April 28, 2026
