CVE-2026-10702
4.3 MEDIUMJIT miscompilation in the JavaScript Engine: JIT component
Published: 2026-06-02 · Last updated: 2026-06-04
Severity and scoring
- CVSS
- 4.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
- CWE
- CWE-843
Affected products
| Vendor | Product |
|---|---|
| mozilla | firefox |
Description
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-10701 — Incorrect boundary conditions in the Graphics: Text component (7.5 HIGH)
- CVE-2026-9309 — Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata (5.4 MEDIUM)
- CVE-2026-9308 — Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders (5.4 MEDIUM)
- CVE-2026-9078 — Firefox for iOS displayed specially crafted right-to-left (RTL) and internationalized domain names (IDNs) incorrectly in link preview UI ... (5.4 MEDIUM)
- CVE-2026-8706 — Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arb... (6.5 MEDIUM)
Same CWE
- CVE-2026-45641 — Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally (8.4 HIGH)
- CVE-2026-45635 — Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network (8.1 HIGH)
- CVE-2026-45600 — Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate pri... (7.8 HIGH)
- CVE-2026-45456 — Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally (8.4 HIGH)
- CVE-2026-44817 — Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally (7.8 HIGH)