Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.
https://www.mozilla.org/security/advisories/mfsa2026-29/
https://www.mozilla.org/security/advisories/mfsa2026-28/
https://www.mozilla.org/security/advisories/mfsa2026-27/
https://www.mozilla.org/security/advisories/mfsa2026-25/
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5732.json
https://bugzilla.redhat.com/show_bug.cgi?id=2455908
https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
https://access.redhat.com/security/cve/CVE-2026-5732
https://access.redhat.com/errata/RHSA-2026:9638
https://access.redhat.com/errata/RHSA-2026:9345
https://access.redhat.com/errata/RHSA-2026:8459
https://access.redhat.com/errata/RHSA-2026:8052
https://access.redhat.com/errata/RHSA-2026:7672
https://access.redhat.com/errata/RHSA-2026:7671
https://access.redhat.com/errata/RHSA-2026:15889
https://access.redhat.com/errata/RHSA-2026:14303
https://access.redhat.com/errata/RHSA-2026:14223
https://access.redhat.com/errata/RHSA-2026:13977
https://access.redhat.com/errata/RHSA-2026:13922
https://access.redhat.com/errata/RHSA-2026:13683
https://access.redhat.com/errata/RHSA-2026:13682
https://access.redhat.com/errata/RHSA-2026:13665
https://access.redhat.com/errata/RHSA-2026:13600
https://access.redhat.com/errata/RHSA-2026:13596
https://access.redhat.com/errata/RHSA-2026:13583
https://access.redhat.com/errata/RHSA-2026:13582
https://access.redhat.com/errata/RHSA-2026:13533
https://access.redhat.com/errata/RHSA-2026:13412
https://access.redhat.com/errata/RHSA-2026:13342
https://access.redhat.com/errata/RHSA-2026:12264