Main Vulnerability Database SB2026030252

SB2026030252 - SUSE update for mozilla-nss

Published: March 2, 2026

Security Bulletin ID SB2026030252

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Integer overflow (CVE-ID: CVE-2026-2781)

The vulnerability allows a remote attacker to crash the browser.

The vulnerability exists due to integer overflow in the Libraries component in NSS. A remote attacker can trick the victim into visiting a specially crafted website, trigger an integer overflow and crash the browser.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2026/suse-su-20260740-1/

Vulnerable Software

SUSE Linux Enterprise Micro for Rancher: 5.2
SUSE Linux Enterprise Micro: 5.2
mozilla-nss-certs-debuginfo: before 3.112.3-150000.3.135.1
mozilla-nss-certs: before 3.112.3-150000.3.135.1
libsoftokn3: before 3.112.3-150000.3.135.1
mozilla-nss-tools: before 3.112.3-150000.3.135.1
libfreebl3-debuginfo: before 3.112.3-150000.3.135.1
mozilla-nss-debugsource: before 3.112.3-150000.3.135.1
libsoftokn3-debuginfo: before 3.112.3-150000.3.135.1
mozilla-nss-debuginfo: before 3.112.3-150000.3.135.1
mozilla-nss: before 3.112.3-150000.3.135.1
libfreebl3: before 3.112.3-150000.3.135.1
mozilla-nss-tools-debuginfo: before 3.112.3-150000.3.135.1

SB2026030252 - SUSE update for mozilla-nss

Breakdown by Severity

Description

Remediation

References

Please verify you're human