HackTesting

CVE-2026-6746

Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

Credits

Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, Daniel Freeman, Alex Gaynor, and Joel Weinberger using Claude from Anthropic

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2014596
https://www.mozilla.org/security/advisories/mfsa2026-30/
https://www.mozilla.org/security/advisories/mfsa2026-31/
https://www.mozilla.org/security/advisories/mfsa2026-32/
https://www.mozilla.org/security/advisories/mfsa2026-33/
https://www.mozilla.org/security/advisories/mfsa2026-34/