RHSA-2026:13583 - Security Advisory
Issued: 2026-05-05
Updated: 2026-05-05

Synopsis
Important: firefox security update

Type/Severity
Security Advisory: Important

Topic
An update for firefox is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):
libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5734)
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5731)
firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component (CVE-2026-5732)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x

Fixes
BZ - 2451805 - CVE-2026-33416 libpng: libpng: Arbitrary code execution due to use-after-free vulnerability
BZ - 2451819 - CVE-2026-33636 libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
BZ - 2455897 - CVE-2026-5734 thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
BZ - 2455901 - CVE-2026-5731 thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
BZ - 2455908 - CVE-2026-5732 firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

CVEs
CVE-2026-5731
CVE-2026-5732
CVE-2026-5734
CVE-2026-33416
CVE-2026-33636

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

SRPM: firefox-140.9.1-1.el9_6.src.rpm
Packages for x86_64, s390x, ppc64le and aarch64: firefox, firefox-debuginfo, firefox-debugsource, firefox-x11 (each at 140.9.1-1.el9_6)

This Red Hat advisory addresses multiple critical vulnerabilities in Firefox, including memory safety bugs and integer overflows that can lead to arbitrary code execution and denial of service. The most severe issue, CVE-2026-5734, carries a CVSS score of 9.8 (CRITICAL). Affected versions include Mozilla Firefox prior to versions 140.9.1 and 149.0.2; users must upgrade to one of these fixed versions to remediate the threats.