CVE-2026-2757 is a critical security vulnerability identified in Mozilla Firefox and Thunderbird's WebRTC Audio/Video component. The root cause is incorrect boundary condition checks within the WebRTC implementation, specifically affecting audio and video processing. This flaw can be exploited remotely by an unauthenticated attacker to execute arbitrary code or trigger a denial of service (DoS) condition. The vulnerability impacts Firefox versions earlier than 148, Firefox ESR versions prior to 115.33 and 140.8, and Thunderbird versions before 148 and 140.8. The CVSS v3.1 base score of 9.8 reflects the vulnerability's severity, with attack vector being network-based, requiring no privileges or user interaction, and resulting in high confidentiality, integrity, and availability impacts. The CWE-1384 classification indicates a boundary condition error, which often leads to memory corruption issues such as buffer overflows or out-of-bounds reads/writes. Although no public exploits have been reported yet, the vulnerability's nature and severity suggest it could be weaponized quickly. The WebRTC component is widely used for real-time communications, making this vulnerability particularly dangerous in environments relying on browser-based audio/video conferencing or messaging. Mozilla has not yet published patches at the time of this report, emphasizing the need for vigilance and rapid deployment once available.

The vulnerability poses a severe risk to organizations globally, especially those utilizing Firefox or Thunderbird for communication and collaboration. Exploitation can lead to remote code execution, allowing attackers to take full control of affected systems, steal sensitive data, or disrupt services via denial of service. This can compromise confidentiality, integrity, and availability of critical systems and data. Enterprises relying on WebRTC for real-time communications, including financial institutions, government agencies, healthcare providers, and remote workforces, face heightened exposure. The lack of required privileges or user interaction lowers the barrier for attackers, increasing the likelihood of automated or widespread attacks once exploit code becomes available. Additionally, the vulnerability could be leveraged in targeted espionage campaigns or ransomware attacks, amplifying its impact. The absence of known exploits currently provides a window for mitigation, but the critical severity demands immediate attention to prevent potential damage.

Organizations should prioritize upgrading affected Mozilla Firefox and Thunderbird versions to 148 or later, and Firefox ESR versions to at least 115.33 or 140.8 as soon as official patches are released. Until patches are available, consider disabling WebRTC functionality in Firefox and Thunderbird to reduce attack surface, using browser configuration settings or extensions that block WebRTC traffic. Network-level controls such as firewall rules can restrict WebRTC signaling and media traffic to trusted endpoints. Employ endpoint detection and response (EDR) solutions to monitor for anomalous behavior indicative of exploitation attempts. Conduct thorough vulnerability scanning and asset inventory to identify all affected systems. Educate users about the risk and encourage prompt application updates. For high-security environments, consider temporary use of alternative browsers or communication tools not affected by this vulnerability. Maintain close monitoring of Mozilla security advisories for patch releases and exploit reports to adjust defenses accordingly.