Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution

*Multiple vulnerabilities were discovered in Mozilla Firefox (CVE-2026-3845, CVE-2026-3846, CVE-2026-3847), including a heap buffer overflow enabling arbitrary code execution and a same-origin policy bypass; fixes are included in Firefox 148.0.2. Successful exploitation could allow attackers to install programs, view/change/delete data, or create accounts depending on user privileges, and the advisory links the issue to Initial Access via Drive-by Compromise.*