CVE-2026-0885

medium

Red Hat

CVSS v3 Base Score

6.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Published: January 13, 2026

Last Modified: January 13, 2026

Vendor: Red Hat

Description

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support

Fix Status

✅ Fix Available

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 www.mozilla.org 🔗 www.mozilla.org

CVE-2026-0885

Vulnerability Report

Description

Affected Products

Fix Status

References