CVE-2026-5733PATCHED

mozilla · firefox

Incorrect boundary conditions in the Graphics: WebGPU component

Description

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2.

Affected Products

Vendor	Product	Versions
mozilla	firefox	unspecified, unspecified

References

Related News (2 articles)

Tier B

CERT-FR2d ago

Multiples vulnérabilités dans les produits Mozilla (08 avril 2026)

→ No new info (linked only)

Tier C

VulDB2d ago

CVE-2026-5733 | Mozilla Firefox up to 149.0.1 WebGPU memory corruption

→ No new info (linked only)

CVSS 3.18.8 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

149.0.2

PublishedApr 7, 2026

Last enriched2d agov2

Trending Score31

Source articles2

Independent2

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-5732EXP

Incorrect boundary conditions, integer overflow in the Graphics: Text component

Trending: 42

NONECVE-2026-5735EXP

Memory safety bugs fixed in Firefox 149.0.2 and Thunderbird 149.0.2

Trending: 40

NONECVE-2026-5734EXP

Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

Trending: 37

CRITICALCVE-2026-5731

Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

Trending: 33

HIGHPRE-CVE

Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Allow Denial of Service and Arbitrary Code Execution

Trending: 19

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 7, 2026

Discovered by ZDM

Apr 7, 2026

Updated: description, severity

Apr 7, 2026

Patch Available

Apr 7, 2026

Version History

Last enriched 2d ago

v2Tier C2d ago

Updated severity to CRITICAL, changed exploit availability to false, and provided a more detailed description of the vulnerability.

descriptionseverity

via VulDB

v12d ago

Initial creation