Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:19157: Important: firefox security update

cve-2026-7323redhatcve-2026-7320cve-2026-7322cve-2026-7321
This Red Hat advisory addresses multiple high-severity vulnerabilities in Firefox and Thunderbird, including memory safety bugs (CVE-2026-7323, CVSS 7.3), an information disclosure flaw in the Audio/Video component (CVE-2026-7320, CVSS 7.5), and a sandbox escape in the WebRTC Networking component (CVE-2026-7321). Affected versions include Firefox < 115.35.1, Firefox < 150.0.1, Firefox >= 128.0 < 140.10.1, Thunderbird < 140.10.1, and Thunderbird < 150.0.1. The fixed versions are Firefox/Thunderbird 115.35.1, 140.10.1, and 150.0.1, depending on the specific product and release stream.
Read Full Article →

Red Hat Product Errata RHSA-2026:19157 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19157 - Security Advisory Overview Updated Packages Synopsis Important: firefox security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 (CVE-2026-7323) firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component (CVE-2026-7320) firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 (CVE-2026-7322) firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component (CVE-2026-7321) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2463481 - CVE-2026-7323 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 BZ - 2463483 - CVE-2026-7320 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component BZ - 2463484 - CVE-2026-7322 firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 BZ - 2463485 - CVE-2026-7321 firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component CVEs CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 x86_64 firefox-140.10.1-1.el10_2.x86_64.rpm SHA-256: 5ddb87d2f1eee3f78ab301c61c98bb55bea3d450f55276bca31ce2584fd86252 firefox-debuginfo-140.10.1-1.el10_2.x86_64.rpm SHA-256: e04fa0f476f99fb76b51aa06cd7fb5e5e6cd74085413320fe9794580d7b42a04 firefox-debugsource-140.10.1-1.el10_2.x86_64.rpm SHA-256: 3e7f4d4c10c6eff16484343cad8799823a357ed4ba28dff65b8ffa54d4551673 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 x86_64 firefox-140.10.1-1.el10_2.x86_64.rpm SHA-256: 5ddb87d2f1eee3f78ab301c61c98bb55bea3d450f55276bca31ce2584fd86252 firefox-debuginfo-140.10.1-1.el10_2.x86_64.rpm SHA-256: e04fa0f476f99fb76b51aa06cd7fb5e5e6cd74085413320fe9794580d7b42a04 firefox-debugsource-140.10.1-1.el10_2.x86_64.rpm SHA-256: 3e7f4d4c10c6eff16484343cad8799823a357ed4ba28dff65b8ffa54d4551673 Red Hat Enterprise Linux for IBM z Systems 10 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 s390x firefox-140.10.1-1.el10_2.s390x.rpm SHA-256: b3fc504b01666d1da48e955ba6858cddaaeb1dc44222cf2acde51b1a533a66f5 firefox-debuginfo-140.10.1-1.el10_2.s390x.rpm SHA-256: 72b74178b34a4df86cf89e4708b871beee834098796ffd2ed4edc191e0fb3a4a firefox-debugsource-140.10.1-1.el10_2.s390x.rpm SHA-256: 85c67de63c53ad7487063a3129954522f05db7635eb34812b51c2d63b0732442 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 s390x firefox-140.10.1-1.el10_2.s390x.rpm SHA-256: b3fc504b01666d1da48e955ba6858cddaaeb1dc44222cf2acde51b1a533a66f5 firefox-debuginfo-140.10.1-1.el10_2.s390x.rpm SHA-256: 72b74178b34a4df86cf89e4708b871beee834098796ffd2ed4edc191e0fb3a4a firefox-debugsource-140.10.1-1.el10_2.s390x.rpm SHA-256: 85c67de63c53ad7487063a3129954522f05db7635eb34812b51c2d63b0732442 Red Hat Enterprise Linux for Power, little endian 10 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 ppc64le firefox-140.10.1-1.el10_2.ppc64le.rpm SHA-256: c6295f6823fd560c01e56426454019d8eb5221c8ea4813672c89caa79dfebb63 firefox-debuginfo-140.10.1-1.el10_2.ppc64le.rpm SHA-256: 58ccfa517e20cda2130bdcea509e9b024aff161381b8a207491fd9c2e8a04d37 firefox-debugsource-140.10.1-1.el10_2.ppc64le.rpm SHA-256: 212c329b69a7ab4bf6faeaa905ab97b4c10449e84aef72809acff40849009132 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 ppc64le firefox-140.10.1-1.el10_2.ppc64le.rpm SHA-256: c6295f6823fd560c01e56426454019d8eb5221c8ea4813672c89caa79dfebb63 firefox-debuginfo-140.10.1-1.el10_2.ppc64le.rpm SHA-256: 58ccfa517e20cda2130bdcea509e9b024aff161381b8a207491fd9c2e8a04d37 firefox-debugsource-140.10.1-1.el10_2.ppc64le.rpm SHA-256: 212c329b69a7ab4bf6faeaa905ab97b4c10449e84aef72809acff40849009132 Red Hat Enterprise Linux for ARM 64 10 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 aarch64 firefox-140.10.1-1.el10_2.aarch64.rpm SHA-256: ca97891c2e30defaa20f37fc9363ff069bfc95d738334f0b0f30bd1d2d6ecc36 firefox-debuginfo-140.10.1-1.el10_2.aarch64.rpm SHA-256: 8f34e970013c9754bd0c50b57927861ac613a24ff6c9736316c711ac653d6aa4 firefox-debugsource-140.10.1-1.el10_2.aarch64.rpm SHA-256: 6529518157ab0c5872a1a5a9c6f33a2c31e2bad9e0d8651b82490cc1263ae720 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 aarch64 firefox-140.10.1-1.el10_2.aarch64.rpm SHA-256: ca97891c2e30defaa20f37fc9363ff069bfc95d738334f0b0f30bd1d2d6ecc36 firefox-debuginfo-140.10.1-1.el10_2.aarch64.rpm SHA-256: 8f34e970013c9754bd0c50b57927861ac613a24ff6c9736316c711ac653d6aa4 firefox-debugsource-140.10.1-1.el10_2.aarch64.rpm SHA-256: 6529518157ab0c5872a1a5a9c6f33a2c31e2bad9e0d8651b82490cc1263ae720 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 aarch64 firefox-140.10.1-1.el10_2.aarch64.rpm SHA-256: ca97891c2e30defaa20f37fc9363ff069bfc95d738334f0b0f30bd1d2d6ecc36 firefox-debuginfo-140.10.1-1.el10_2.aarch64.rpm SHA-256: 8f34e970013c9754bd0c50b57927861ac613a24ff6c9736316c711ac653d6aa4 firefox-debugsource-140.10.1-1.el10_2.aarch64.rpm SHA-256: 6529518157ab0c5872a1a5a9c6f33a2c31e2bad9e0d8651b82490cc1263ae720 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 s390x firefox-140.10.1-1.el10_2.s390x.rpm SHA-256: b3fc504b01666d1da48e955ba6858cddaaeb1dc44222cf2acde51b1a533a66f5 firefox-debuginfo-140.10.1-1.el10_2.s390x.rpm SHA-256: 72b74178b34a4df86cf89e4708b871beee834098796ffd2ed4edc191e0fb3a4a firefox-debugsource-140.10.1-1.el10_2.s390x.rpm SHA-256: 85c67de63c53ad7487063a3129954522f05db7635eb34812b51c2d63b0732442 Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 ppc64le firefox-140.10.1-1.el10_2.ppc64le.rpm SHA-256: c6295f6823fd560c01e56426454019d8eb5221c8ea4813672c89caa79dfebb63 firefox-debuginfo-140.10.1-1.el10_2.ppc64le.rpm SHA-256: 58ccfa517e20cda2130bdcea509e9b024aff161381b8a207491fd9c2e8a04d37 firefox-debugsource-140.10.1-1.el10_2.ppc64le.rpm SHA-256: 212c329b69a7ab4bf6faeaa905ab97b4c10449e84aef72809acff40849009132 Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 SRPM firefox-140.10.1-1.el10_2.src.rpm SHA-256: 2c5df6d43298d5d6bdabfcd9adc5dbeaf4640e7f215ffdb9133f97504ea88324 x86_64 firefox-140.10.1-1.el10_2.x86_64.rpm SHA-256: 5ddb87d2f1eee3f78ab301c61c98bb55bea3d450f55276bca31ce2584fd86252 firefox-debuginfo-140.10.1-1.el10_2.x86_64.rpm SHA-256: e04fa0f476f99fb76b51aa06cd7fb5e5e6cd74085413320fe9794580d7b42a04 firefox-debugsource-140.10.1-1.el10_2.x86_64.rpm SHA-256: 3e7f4d4c10c6e

Related Articles

HIGH RHSA-2026:19588: Important: firefox security update Red Hat Errata MEDIUM Multiples vulnérabilités dans les produits Mozilla (29 avril 2026) CERT-FR (ANSSI) HIGH DSA-6236-1 firefox-esr - security update Debian Security HIGH DSA-6242-1 thunderbird - security update Debian Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn