Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities were disclosed in Mozilla products (notably Firefox and Thunderbird), including an audio/video boundary condition (CVE-2026-7320) that can cause information disclosure, several memory-safety bugs (CVE-2026-7322, CVE-2026-7323, CVE-2026-7324) and a WebRTC sandbox escape (CVE-2026-7321). The most severe issues could enable arbitrary code execution, allowing attackers to install software, access or modify data, or create accounts depending on user privileges; fixes are listed for specific ESR and release versions.