CVE-2026-6748: firefox: thunderbird: Uninitialized memory in the Audio/Video: Web Codecs component

Severity: Critical

CVSS Score: 9.8

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.