CVE-2026-4701: Use-after-free in the JavaScript Engine component
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.
Other sources
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
— MITRE
Affected Software
Event History
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2026-4684
- CVE-2026-4685
- CVE-2026-4686
- CVE-2026-4687
- CVE-2026-4688
- CVE-2026-4689
- CVE-2026-4690
- CVE-2026-4691
- CVE-2026-4692
- CVE-2026-4693
- CVE-2026-4694
- CVE-2026-4695
- CVE-2026-4696
- CVE-2026-4697
- CVE-2026-4698
- CVE-2026-4699
- CVE-2026-4700
- CVE-2026-4701
- CVE-2026-4722
- CVE-2026-4702
- CVE-2026-4723
- CVE-2026-4724
- CVE-2026-4704
- CVE-2026-4705
- CVE-2026-4706
- CVE-2026-4707
- CVE-2026-4708
- CVE-2026-4709
- CVE-2026-4710
- CVE-2026-4711
- CVE-2026-4725
- CVE-2026-4712
- CVE-2026-4713
- CVE-2026-4714
- CVE-2026-4715
- CVE-2026-4716
- CVE-2026-4717
- CVE-2026-4726
- CVE-2025-59375
- CVE-2026-4727
- CVE-2026-4728
- CVE-2026-4718
- CVE-2026-4719
- CVE-2026-4720
- CVE-2026-4729
- CVE-2026-4721
- CVE-2026-3889
- CVE-2026-4371
Frequently Asked Questions
What is the severity of CVE-2026-4701?
CVE-2026-4701 has a high severity rating as it can lead to remote code execution in affected versions of Mozilla Firefox.
How do I fix CVE-2026-4701?
To fix CVE-2026-4701, update to Firefox version 149 or later, or Firefox ESR version 140.9 or later.
What versions of Firefox are affected by CVE-2026-4701?
CVE-2026-4701 affects all versions of Firefox prior to 149 and Firefox ESR prior to 140.9.
What component does CVE-2026-4701 impact?
CVE-2026-4701 impacts the JavaScript Engine component of Firefox.
Can CVE-2026-4701 lead to data breaches?
Yes, CVE-2026-4701 can potentially lead to data breaches if exploited, as it allows execution of arbitrary code.