Red Hat Product Errata RHSA-2026:20574 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20574 - Security Advisory Overview Updated Packages Synopsis Important: firefox security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): firefox: Other issue in the WebRTC component (CVE-2026-8094) firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2 (CVE-2026-8092) firefox: Use-after-free in the DOM: Networking component (CVE-2026-8090) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2467706 - CVE-2026-8094 firefox: Other issue in the WebRTC component BZ - 2467708 - CVE-2026-8092 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2 BZ - 2467709 - CVE-2026-8090 firefox: Use-after-free in the DOM: Networking component CVEs CVE-2026-8090 CVE-2026-8092 CVE-2026-8094 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 x86_64 firefox-140.10.2-1.el9_8.x86_64.rpm SHA-256: c7a4b369a3f5c6820d06c65ea9bcc7b0b4c61e50faada72618acccd1ea06bb6d firefox-debuginfo-140.10.2-1.el9_8.x86_64.rpm SHA-256: ee7485fce9cd7c1034ce18cce1d279ed4b5c4ef7d5e9ba8bbbb9756ce3798c57 firefox-debugsource-140.10.2-1.el9_8.x86_64.rpm SHA-256: ab0135cc67867e551ddb6cf2a4c63e5b4b745bd84aa4b0768c671c655b6213ca firefox-x11-140.10.2-1.el9_8.x86_64.rpm SHA-256: a7652e97f3023694992a09f430dbb3e17d9db722409959605e793ab150423619 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 x86_64 firefox-140.10.2-1.el9_8.x86_64.rpm SHA-256: c7a4b369a3f5c6820d06c65ea9bcc7b0b4c61e50faada72618acccd1ea06bb6d firefox-debuginfo-140.10.2-1.el9_8.x86_64.rpm SHA-256: ee7485fce9cd7c1034ce18cce1d279ed4b5c4ef7d5e9ba8bbbb9756ce3798c57 firefox-debugsource-140.10.2-1.el9_8.x86_64.rpm SHA-256: ab0135cc67867e551ddb6cf2a4c63e5b4b745bd84aa4b0768c671c655b6213ca firefox-x11-140.10.2-1.el9_8.x86_64.rpm SHA-256: a7652e97f3023694992a09f430dbb3e17d9db722409959605e793ab150423619 Red Hat Enterprise Linux for IBM z Systems 9 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 s390x firefox-140.10.2-1.el9_8.s390x.rpm SHA-256: e86f7ea4a737653052be7b7ed25c525d42f3e92e3f9072925d701819e0955ebd firefox-debuginfo-140.10.2-1.el9_8.s390x.rpm SHA-256: b7f4fdef483e71ad31fdf207bc75e9286342b0c75ba49c778c7a6a4200134d66 firefox-debugsource-140.10.2-1.el9_8.s390x.rpm SHA-256: 48597c5fa27e3bda6c41a47e7f6e608856760f1a703d0cc2da4027ef85433e67 firefox-x11-140.10.2-1.el9_8.s390x.rpm SHA-256: 40e586aaaadfb3a622623031182a94912dd905f82a5cdea8734cf0f01e282782 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 s390x firefox-140.10.2-1.el9_8.s390x.rpm SHA-256: e86f7ea4a737653052be7b7ed25c525d42f3e92e3f9072925d701819e0955ebd firefox-debuginfo-140.10.2-1.el9_8.s390x.rpm SHA-256: b7f4fdef483e71ad31fdf207bc75e9286342b0c75ba49c778c7a6a4200134d66 firefox-debugsource-140.10.2-1.el9_8.s390x.rpm SHA-256: 48597c5fa27e3bda6c41a47e7f6e608856760f1a703d0cc2da4027ef85433e67 firefox-x11-140.10.2-1.el9_8.s390x.rpm SHA-256: 40e586aaaadfb3a622623031182a94912dd905f82a5cdea8734cf0f01e282782 Red Hat Enterprise Linux for Power, little endian 9 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 ppc64le firefox-140.10.2-1.el9_8.ppc64le.rpm SHA-256: 00cc92f2b08d20a6e6f926d63df9b9f564ca8fca9bbd861f0548d7949138b2b7 firefox-debuginfo-140.10.2-1.el9_8.ppc64le.rpm SHA-256: b4270f776da017c5855af7356229e378d94555bbb907e35f7031f76ca7caf658 firefox-debugsource-140.10.2-1.el9_8.ppc64le.rpm SHA-256: 5643cc1cc8321d56014586fc7c9d825642ce499e095f46053f8f0ac722086ec1 firefox-x11-140.10.2-1.el9_8.ppc64le.rpm SHA-256: aa664679b07d33ad33df828b81440c5a30d31f61d4d3259975ab4c033c26f016 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 ppc64le firefox-140.10.2-1.el9_8.ppc64le.rpm SHA-256: 00cc92f2b08d20a6e6f926d63df9b9f564ca8fca9bbd861f0548d7949138b2b7 firefox-debuginfo-140.10.2-1.el9_8.ppc64le.rpm SHA-256: b4270f776da017c5855af7356229e378d94555bbb907e35f7031f76ca7caf658 firefox-debugsource-140.10.2-1.el9_8.ppc64le.rpm SHA-256: 5643cc1cc8321d56014586fc7c9d825642ce499e095f46053f8f0ac722086ec1 firefox-x11-140.10.2-1.el9_8.ppc64le.rpm SHA-256: aa664679b07d33ad33df828b81440c5a30d31f61d4d3259975ab4c033c26f016 Red Hat Enterprise Linux for ARM 64 9 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 aarch64 firefox-140.10.2-1.el9_8.aarch64.rpm SHA-256: 67a82e3417c0ec5bd5eccc236f6e0f2b8ef16960b15b64c4d0c67fbf304e3cdd firefox-debuginfo-140.10.2-1.el9_8.aarch64.rpm SHA-256: 43f54e9cb177a2078d06ec89c98f8f2cd8f836aa80601c7feef7a1280b8cff4d firefox-debugsource-140.10.2-1.el9_8.aarch64.rpm SHA-256: b67200740f062a1aae905a959797cfdd9db1efcdb91e8dde930ea47c36887f71 firefox-x11-140.10.2-1.el9_8.aarch64.rpm SHA-256: 29e85d048d35e25fe52f0d7a67d62493a8d85679d053943641568663cf5dc4e7 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 aarch64 firefox-140.10.2-1.el9_8.aarch64.rpm SHA-256: 67a82e3417c0ec5bd5eccc236f6e0f2b8ef16960b15b64c4d0c67fbf304e3cdd firefox-debuginfo-140.10.2-1.el9_8.aarch64.rpm SHA-256: 43f54e9cb177a2078d06ec89c98f8f2cd8f836aa80601c7feef7a1280b8cff4d firefox-debugsource-140.10.2-1.el9_8.aarch64.rpm SHA-256: b67200740f062a1aae905a959797cfdd9db1efcdb91e8dde930ea47c36887f71 firefox-x11-140.10.2-1.el9_8.aarch64.rpm SHA-256: 29e85d048d35e25fe52f0d7a67d62493a8d85679d053943641568663cf5dc4e7 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 ppc64le firefox-140.10.2-1.el9_8.ppc64le.rpm SHA-256: 00cc92f2b08d20a6e6f926d63df9b9f564ca8fca9bbd861f0548d7949138b2b7 firefox-debuginfo-140.10.2-1.el9_8.ppc64le.rpm SHA-256: b4270f776da017c5855af7356229e378d94555bbb907e35f7031f76ca7caf658 firefox-debugsource-140.10.2-1.el9_8.ppc64le.rpm SHA-256: 5643cc1cc8321d56014586fc7c9d825642ce499e095f46053f8f0ac722086ec1 firefox-x11-140.10.2-1.el9_8.ppc64le.rpm SHA-256: aa664679b07d33ad33df828b81440c5a30d31f61d4d3259975ab4c033c26f016 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 x86_64 firefox-140.10.2-1.el9_8.x86_64.rpm SHA-256: c7a4b369a3f5c6820d06c65ea9bcc7b0b4c61e50faada72618acccd1ea06bb6d firefox-debuginfo-140.10.2-1.el9_8.x86_64.rpm SHA-256: ee7485fce9cd7c1034ce18cce1d279ed4b5c4ef7d5e9ba8bbbb9756ce3798c57 firefox-debugsource-140.10.2-1.el9_8.x86_64.rpm SHA-256: ab0135cc67867e551ddb6cf2a4c63e5b4b745bd84aa4b0768c671c655b6213ca firefox-x11-140.10.2-1.el9_8.x86_64.rpm SHA-256: a7652e97f3023694992a09f430dbb3e17d9db722409959605e793ab150423619 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 SRPM firefox-140.10.2-1.el9_8.src.rpm SHA-256: 6850311af6e932ea265ff33394156d659f5abfe0e5662485f76764111e5c2225 aarch64 firefox-140.10.2-1.el9_8.aarch64.rpm SHA-256: 67a82e3417c0ec5bd5eccc236f6e0f2b8ef16960b15b64c4d0c67fbf304e3cdd firefox-debuginfo-140.10.2-1.el9_8.aarch64.rpm SHA-256: 43f54e9cb177a2078d06ec89c98f8f2cd8f836aa80601c7f