LeakyCreds
NewInstant webhook alerts now available — notified within seconds of any credential detection.Learn more →
Home / Vulnerability Intelligence / CVE-2026-5735

CVE-2026-5735 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: April 7, 2026

Mozilla Firefox - Remote Code Execution

Published: April 7, 2026Updated: April 7, 2026Remote Exploitable

Overview

Mozilla Firefox < 149.0.2 contains memory safety bugs caused by memory corruption, letting attackers potentially execute arbitrary code, exploit requires crafted input to trigger memory corruption.

Severity & Score

Severity: Critical
CVSS Score: 9.8
EPSS Score: 4.0%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary code remotely, potentially leading to full system compromise.

Mitigation

Update to version 149.0.2 or later.

References

Social Media Activity(1 post)

Yazoul - Cybersecurity Alerts
Yazoul - Cybersecurity Alerts
@Matchbook3469
Apr 8, 2026

⛔ New security advisory: CVE-2026-5735 affects Mozilla Firefox. • Impact: Remote code execution or complete system compromise possible • Risk: Attackers can gain full control of affected systems • Mitigation: Patch immediately or isolate affected systems Full breakdown: https://www.yazoul.net/advisory/cve/cve-2026-5735-firefox-thunderbird-rce #Cybersecurity #SecurityPatching #HackerNews

View original post

Related Resources

Details

CVE ID
CVE-2026-5735
Severity
Critical
CVSS Score
9.8
Type
undefined
Status
modified
EPSS
4.0%
Social Posts
1

CWE

  • CWE-787

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.0%Probability of exploitation in the next 30 days