{"id":"RHSA-2026:10766","summary":"Red Hat Security Advisory: firefox security update","modified":"2026-05-28T10:04:42Z","published":"2026-04-28T10:07:59Z","upstream":["CVE-2026-6746","CVE-2026-6747","CVE-2026-6748","CVE-2026-6749","CVE-2026-6750","CVE-2026-6751","CVE-2026-6752","CVE-2026-6753","CVE-2026-6754","CVE-2026-6757","CVE-2026-6759","CVE-2026-6761","CVE-2026-6762","CVE-2026-6763","CVE-2026-6764","CVE-2026-6765","CVE-2026-6766","CVE-2026-6767","CVE-2026-6769","CVE-2026-6770","CVE-2026-6771","CVE-2026-6772","CVE-2026-6776","CVE-2026-6785","CVE-2026-6786"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460074"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460075"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460076"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460078"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460079"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460085"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460086"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460088"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460092"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460094"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460095"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460096"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460097"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460099"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460102"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460103"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460104"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460105"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460106"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460107"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460108"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460109"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460110"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460112"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10766.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6746"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6746"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6746"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6746"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6746"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6747"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6747"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6747"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6747"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6747"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6748"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6748"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6748"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6748"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6748"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6749"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6749"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6749"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6749"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6749"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6750"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6750"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6750"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6750"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6750"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6751"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6751"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6751"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6751"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6751"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6752"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6752"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6752"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6752"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6752"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6753"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6753"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6753"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6753"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6753"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6754"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6754"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6754"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6754"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6754"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6757"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6757"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6757"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6757"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6757"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6759"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6759"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6759"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6759"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6759"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6761"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6761"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6761"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6761"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6761"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6762"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6762"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6762"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6762"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6762"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6763"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6763"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6763"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6763"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6763"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6764"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6764"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6764"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6764"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6764"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6765"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6765"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6765"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6765"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6765"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6766"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6766"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6766"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6766"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6766"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6767"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6767"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6767"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6767"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6767"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6769"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6769"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6769"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6769"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6769"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6770"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6770"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6770"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6770"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6770"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6771"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6771"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6771"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6771"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6771"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6772"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6772"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6772"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6772"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6772"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6776"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6776"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6776"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6776"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6776"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6785"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6785"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6785"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6785"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6785"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6786"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6786"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6786"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-32/#CVE-2026-6786"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-34/#CVE-2026-6786"}],"affected":[{"package":{"name":"firefox","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/firefox"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.10.0-1.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10766.json"}},{"package":{"name":"firefox-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/firefox-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.10.0-1.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10766.json"}},{"package":{"name":"firefox-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/firefox-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.10.0-1.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10766.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}