CVE-2026-4729: Memory safety bugs fixed in Firefox 149 and Thunderbird 149
Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2026-4684
- CVE-2026-4685
- CVE-2026-4686
- CVE-2026-4687
- CVE-2026-4688
- CVE-2026-4689
- CVE-2026-4690
- CVE-2026-4691
- CVE-2026-4692
- CVE-2026-4693
- CVE-2026-4694
- CVE-2026-4695
- CVE-2026-4696
- CVE-2026-4697
- CVE-2026-4698
- CVE-2026-4699
- CVE-2026-4700
- CVE-2026-4701
- CVE-2026-4722
- CVE-2026-4702
- CVE-2026-4723
- CVE-2026-4724
- CVE-2026-4704
- CVE-2026-4705
- CVE-2026-4706
- CVE-2026-4707
- CVE-2026-4708
- CVE-2026-4709
- CVE-2026-4710
- CVE-2026-4711
- CVE-2026-4725
- CVE-2026-4712
- CVE-2026-4713
- CVE-2026-4714
- CVE-2026-4715
- CVE-2026-4716
- CVE-2026-4717
- CVE-2026-4726
- CVE-2025-59375
- CVE-2026-4727
- CVE-2026-4728
- CVE-2026-4718
- CVE-2026-4719
- CVE-2026-4720
- CVE-2026-4729
- CVE-2026-4721
- CVE-2026-3889
- CVE-2026-4371
Frequently Asked Questions
What is the severity of CVE-2026-4729?
CVE-2026-4729 is considered a critical vulnerability due to its potential for memory corruption and arbitrary code execution.
How do I fix CVE-2026-4729?
To fix CVE-2026-4729, update your Mozilla Firefox or Thunderbird to version 149 or later.
Which versions of software are affected by CVE-2026-4729?
CVE-2026-4729 affects Mozilla Firefox versions prior to 149 and Mozilla Thunderbird versions prior to 149.
What types of bugs are included in CVE-2026-4729?
CVE-2026-4729 includes memory safety bugs that could potentially lead to memory corruption.
Can CVE-2026-4729 be exploited for running arbitrary code?
Yes, there is evidence that memory safety bugs in CVE-2026-4729 could allow exploitation for running arbitrary code if targeted by an attacker.