THREATNOIR
Subscribe
Back to Feed
VulnerabilitiesApr 2, 2026

‼️ CVE-2026-4698: JIT miscompilation in Firefox's JavaScript Engine CVSS: 8.8 Affected versions...

CVE-2026-4698: Critical JIT miscompilation flaw in Firefox JavaScript engine (CVSS 8.8)

Read at source

Summary

A critical JIT (Just-In-Time) miscompilation vulnerability (CVE-2026-4698) affects Firefox, Firefox ESR, and Thunderbird across multiple versions with a CVSS score of 8.8. The vulnerability was discovered by @maxpl0it and reported through Trend Micro's Zero Day Initiative. Patches are available for Firefox ≥149, Firefox ESR ≥115.34/140.9, and Thunderbird ≥149/140.9.

Indicators of Compromise

  • cve — CVE-2026-4698

Entities

Mozilla (vendor)Firefox (product)Thunderbird (product)Firefox ESR (product)Trend Micro (vendor)