CVE-2026-4705: firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component

Severity: Critical

CVSS Score: 9.8

Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.