CVE-2026-6654 | Mozilla thin-vec up to 0.2.15 clear use after free (GHSA-xphw-cqx3-667j)

A vulnerability labeled as critical has been found in Mozilla thin-vec up to 0.2.15. The affected element is the function IntoIter::drop/ThinVec::clear. Such manipulation leads to use after free.

This vulnerability is listed as CVE-2026-6654. The attack must be carried out from within the local network. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More