CVE-2026-4723 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: March 25, 2026
Firefox - Use After Free
Published: March 24, 2026Updated: March 25, 2026Remote Exploitable
Overview
Firefox < 149 contains a use-after-free vulnerability caused by improper memory management in the JavaScript Engine component, letting attackers cause memory corruption or remote code execution, exploit requires crafted web content.
Severity & Score
Severity: Critical
CVSS Score: 9.8
EPSS Score: 1.5%(Probability of exploitation in next 30 days)
Impact
Attackers can cause memory corruption or execute arbitrary code remotely via crafted web content.
Mitigation
Update to version 149 or later.
References
Social Media Activity(1 post)
TheHackerWire
@thehackerwire
š“ CVE-2026-4723 - Critical (9.8) Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149. š https://www.thehackerwire.com/vulnerability/CVE-2026-4723/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-4723
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- use_after_free
- Status
- modified
- EPSS
- 1.5%
- Social Posts
- 1
CWE
- CWE-416
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
1.5%Probability of exploitation in the next 30 days