CVE-2026-0892 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2026-0892 Interim 1 1 2026-03-05T00:19:46Z current 2026-03-05T00:19:46Z 2026-03-05T00:19:46Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2026-0892 Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147 and Thunderbird < 147. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS openSUSE Tumbleweed MozillaFirefox MozillaFirefox-147.0-1.1 MozillaFirefox-branding-upstream-147.0-1.1 MozillaFirefox-devel MozillaFirefox-devel-147.0-1.1 MozillaFirefox-translations-common MozillaFirefox-translations-common-147.0-1.1 MozillaFirefox-translations-other MozillaFirefox-translations-other-147.0-1.1 MozillaFirefox-147.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-147.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-devel-147.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-147.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-147.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15 SP2-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15 SP2-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15 SP2-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15 SP2-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15 SP3-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15 SP3-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15 SP3-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15 SP3-LTSS Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147 and Thunderbird < 147. CVE-2026-0892 openSUSE Tumbleweed:MozillaFirefox-147.0-1.1 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-147.0-1.1 openSUSE Tumbleweed:MozillaFirefox-devel-147.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-common-147.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-other-147.0-1.1 important 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H