Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
Typedeb
Namespacedebian
Namethunderbird
Version1:140.8.0esr-1~deb13u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1:140.9.1esr-1
Latest_non_vulnerable_version1:140.9.1esr-1
Affected_by_vulnerabilities
0
url VCID-13he-qsr4-h3d4
vulnerability_id VCID-13he-qsr4-h3d4
summary Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4709
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.0629
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06339
published_at 2026-04-13T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0635
published_at 2026-04-12T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06355
published_at 2026-04-11T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06362
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06266
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06322
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.063
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06276
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4709
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450726
reference_id 2450726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450726
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016329
reference_id show_bug.cgi?id=2016329
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016329
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016342
reference_id show_bug.cgi?id=2016342
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016342
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4709
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-13he-qsr4-h3d4
1
url VCID-15j8-br8z-juf3
vulnerability_id VCID-15j8-br8z-juf3
summary Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3889.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3889.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3889
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07427
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07518
published_at 2026-04-08T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07541
published_at 2026-04-09T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07479
published_at 2026-04-04T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0746
published_at 2026-04-07T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07437
published_at 2026-04-16T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07515
published_at 2026-04-13T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07528
published_at 2026-04-12T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07542
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3889
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3889
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3889
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451006
reference_id 2451006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451006
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
9
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
10
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
11
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
12
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
13
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
14
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
15
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
16
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
17
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
18
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
19
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
20
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020723
reference_id show_bug.cgi?id=2020723
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020723
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-3889
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15j8-br8z-juf3
2
url VCID-1fv1-edht-ufag
vulnerability_id VCID-1fv1-edht-ufag
summary Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4715
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4715
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450723
reference_id 2450723
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450723
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018405
reference_id show_bug.cgi?id=2018405
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018405
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4715
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fv1-edht-ufag
3
url VCID-23eu-22t2-cydd
vulnerability_id VCID-23eu-22t2-cydd
summary Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4714
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4714
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450725
reference_id 2450725
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450725
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018126
reference_id show_bug.cgi?id=2018126
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018126
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4714
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-23eu-22t2-cydd
4
url VCID-26d3-ctnj-7kbh
vulnerability_id VCID-26d3-ctnj-7kbh
summary Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4691
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10054
published_at 2026-04-18T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.10076
published_at 2026-04-16T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10204
published_at 2026-04-13T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10223
published_at 2026-04-12T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10264
published_at 2026-04-11T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10131
published_at 2026-04-02T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10228
published_at 2026-04-09T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10167
published_at 2026-04-08T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10092
published_at 2026-04-07T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10196
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4691
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450738
reference_id 2450738
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450738
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017512
reference_id show_bug.cgi?id=2017512
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017512
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4691
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26d3-ctnj-7kbh
5
url VCID-289s-f2w6-53g9
vulnerability_id VCID-289s-f2w6-53g9
summary Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4716
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4716
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450720
reference_id 2450720
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450720
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018592
reference_id show_bug.cgi?id=2018592
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018592
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4716
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-289s-f2w6-53g9
6
url VCID-351y-4nek-u3aw
vulnerability_id VCID-351y-4nek-u3aw
summary JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4698
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07439
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07449
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07524
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07537
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07551
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07448
published_at 2026-04-02T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07549
published_at 2026-04-09T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-08T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07468
published_at 2026-04-07T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07487
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4698
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450719
reference_id 2450719
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450719
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020906
reference_id show_bug.cgi?id=2020906
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020906
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4698
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-351y-4nek-u3aw
7
url VCID-3grf-hwk1-3fh8
vulnerability_id VCID-3grf-hwk1-3fh8
summary Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4719
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4719
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450746
reference_id 2450746
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450746
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016367
reference_id show_bug.cgi?id=2016367
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016367
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4719
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3grf-hwk1-3fh8
8
url VCID-3kd3-hwzv-efbn
vulnerability_id VCID-3kd3-hwzv-efbn
summary Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4721
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06184
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06213
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06155
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06223
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06228
published_at 2026-04-11T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06237
published_at 2026-04-09T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06198
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06172
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06141
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4721
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450711
reference_id 2450711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450711
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
reference_id buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
15
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
16
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
17
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
18
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
19
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
20
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
21
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
22
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
23
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
24
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
25
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
26
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
27
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
28
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
29
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
30
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
31
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
32
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
33
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
34
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
35
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
36
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
37
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
38
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
39
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4721
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kd3-hwzv-efbn
9
url VCID-3xgu-7evz-mffw
vulnerability_id VCID-3xgu-7evz-mffw
summary Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4705
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05579
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05565
published_at 2026-04-16T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05592
published_at 2026-04-07T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05629
published_at 2026-04-11T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05656
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.0563
published_at 2026-04-08T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05594
published_at 2026-04-04T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05557
published_at 2026-04-02T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05614
published_at 2026-04-13T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.0562
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4705
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450722
reference_id 2450722
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450722
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014873
reference_id show_bug.cgi?id=2014873
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014873
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4705
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xgu-7evz-mffw
10
url VCID-4q6w-tdk9-d3an
vulnerability_id VCID-4q6w-tdk9-d3an
summary Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4720
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4720
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450751
reference_id 2450751
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450751
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
reference_id buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
14
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
15
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
16
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
17
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
18
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
19
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
20
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
21
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
22
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
23
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
24
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
25
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
26
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
27
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
28
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
29
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
30
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
31
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
32
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
33
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
34
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
35
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
36
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
37
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4720
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4q6w-tdk9-d3an
11
url VCID-5dw5-vpt8-zqbz
vulnerability_id VCID-5dw5-vpt8-zqbz
summary Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5731
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17187
published_at 2026-04-08T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17176
published_at 2026-04-12T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17223
published_at 2026-04-11T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.17244
published_at 2026-04-09T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20168
published_at 2026-04-18T12:55:00Z
5
value 0.00072
scoring_system epss
scoring_elements 0.21869
published_at 2026-04-16T12:55:00Z
6
value 0.00072
scoring_system epss
scoring_elements 0.21867
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5731
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455901
reference_id 2455901
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455901
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-26
reference_id mfsa2026-26
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-26
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-26/
reference_id mfsa2026-26
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-26/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
15
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
16
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
17
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
18
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
aliases CVE-2026-5731
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dw5-vpt8-zqbz
12
url VCID-646f-ndeq-5bee
vulnerability_id VCID-646f-ndeq-5bee
summary Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4687
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06385
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06444
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06454
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06461
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06357
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06468
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06425
published_at 2026-04-08T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06376
published_at 2026-04-07T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06388
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4687
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450757
reference_id 2450757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450757
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016368
reference_id show_bug.cgi?id=2016368
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016368
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4687
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-646f-ndeq-5bee
13
url VCID-675n-7uzz-pqdj
vulnerability_id VCID-675n-7uzz-pqdj
summary Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4688
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-18T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05354
published_at 2026-04-16T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05385
published_at 2026-04-04T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05422
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05449
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05426
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05392
published_at 2026-04-07T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05355
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05401
published_at 2026-04-13T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05409
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4688
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450713
reference_id 2450713
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450713
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016373
reference_id show_bug.cgi?id=2016373
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016373
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4688
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-675n-7uzz-pqdj
14
url VCID-6mur-mtfg-97gt
vulnerability_id VCID-6mur-mtfg-97gt
summary A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4371.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4371.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4371
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17514
published_at 2026-04-18T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17579
published_at 2026-04-08T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17763
published_at 2026-04-04T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.1749
published_at 2026-04-07T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.1764
published_at 2026-04-09T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17716
published_at 2026-04-02T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17505
published_at 2026-04-16T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.1756
published_at 2026-04-13T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17612
published_at 2026-04-12T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.17659
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4371
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4371
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4371
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451001
reference_id 2451001
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451001
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
9
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
10
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
11
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
12
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
13
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
14
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
15
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
16
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
17
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
18
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
19
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
20
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2023493
reference_id show_bug.cgi?id=2023493
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2023493
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4371
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6mur-mtfg-97gt
15
url VCID-77y6-jskt-qucb
vulnerability_id VCID-77y6-jskt-qucb
summary libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59375
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.15808
published_at 2026-04-09T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.15811
published_at 2026-04-02T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.15871
published_at 2026-04-04T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15663
published_at 2026-04-07T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15748
published_at 2026-04-08T12:55:00Z
5
value 0.00058
scoring_system epss
scoring_elements 0.18215
published_at 2026-04-12T12:55:00Z
6
value 0.00058
scoring_system epss
scoring_elements 0.18121
published_at 2026-04-18T12:55:00Z
7
value 0.00058
scoring_system epss
scoring_elements 0.18164
published_at 2026-04-13T12:55:00Z
8
value 0.00058
scoring_system epss
scoring_elements 0.18108
published_at 2026-04-16T12:55:00Z
9
value 0.00058
scoring_system epss
scoring_elements 0.18262
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59375
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/libexpat/libexpat/issues/1018
reference_id 1018
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/issues/1018
5
reference_url https://github.com/libexpat/libexpat/pull/1034
reference_id 1034
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/pull/1034
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298
reference_id 1115298
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395108
reference_id 2395108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395108
8
reference_url https://issues.oss-fuzz.com/issues/439133977
reference_id 439133977
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://issues.oss-fuzz.com/issues/439133977
9
reference_url https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
reference_id Changes
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
10
reference_url https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
reference_id Changes#L45-L74
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
15
reference_url https://access.redhat.com/errata/RHSA-2025:19020
reference_id RHSA-2025:19020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19020
16
reference_url https://access.redhat.com/errata/RHSA-2025:19403
reference_id RHSA-2025:19403
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19403
17
reference_url https://access.redhat.com/errata/RHSA-2025:21030
reference_id RHSA-2025:21030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21030
18
reference_url https://access.redhat.com/errata/RHSA-2025:21773
reference_id RHSA-2025:21773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21773
19
reference_url https://access.redhat.com/errata/RHSA-2025:21776
reference_id RHSA-2025:21776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21776
20
reference_url https://access.redhat.com/errata/RHSA-2025:21974
reference_id RHSA-2025:21974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21974
21
reference_url https://access.redhat.com/errata/RHSA-2025:22033
reference_id RHSA-2025:22033
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22033
22
reference_url https://access.redhat.com/errata/RHSA-2025:22034
reference_id RHSA-2025:22034
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22034
23
reference_url https://access.redhat.com/errata/RHSA-2025:22035
reference_id RHSA-2025:22035
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22035
24
reference_url https://access.redhat.com/errata/RHSA-2025:22175
reference_id RHSA-2025:22175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22175
25
reference_url https://access.redhat.com/errata/RHSA-2025:22607
reference_id RHSA-2025:22607
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22607
26
reference_url https://access.redhat.com/errata/RHSA-2025:22618
reference_id RHSA-2025:22618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22618
27
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
28
reference_url https://access.redhat.com/errata/RHSA-2025:22842
reference_id RHSA-2025:22842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22842
29
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
30
reference_url https://access.redhat.com/errata/RHSA-2025:22935
reference_id RHSA-2025:22935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22935
31
reference_url https://access.redhat.com/errata/RHSA-2025:23078
reference_id RHSA-2025:23078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23078
32
reference_url https://access.redhat.com/errata/RHSA-2025:23079
reference_id RHSA-2025:23079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23079
33
reference_url https://access.redhat.com/errata/RHSA-2025:23080
reference_id RHSA-2025:23080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23080
34
reference_url https://access.redhat.com/errata/RHSA-2025:23202
reference_id RHSA-2025:23202
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23202
35
reference_url https://access.redhat.com/errata/RHSA-2025:23204
reference_id RHSA-2025:23204
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23204
36
reference_url https://access.redhat.com/errata/RHSA-2025:23205
reference_id RHSA-2025:23205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23205
37
reference_url https://access.redhat.com/errata/RHSA-2025:23209
reference_id RHSA-2025:23209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23209
38
reference_url https://access.redhat.com/errata/RHSA-2025:23227
reference_id RHSA-2025:23227
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23227
39
reference_url https://access.redhat.com/errata/RHSA-2025:23248
reference_id RHSA-2025:23248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23248
40
reference_url https://access.redhat.com/errata/RHSA-2025:23449
reference_id RHSA-2025:23449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23449
41
reference_url https://access.redhat.com/errata/RHSA-2025:23550
reference_id RHSA-2025:23550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23550
42
reference_url https://access.redhat.com/errata/RHSA-2026:0001
reference_id RHSA-2026:0001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0001
43
reference_url https://access.redhat.com/errata/RHSA-2026:0076
reference_id RHSA-2026:0076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0076
44
reference_url https://access.redhat.com/errata/RHSA-2026:0077
reference_id RHSA-2026:0077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0077
45
reference_url https://access.redhat.com/errata/RHSA-2026:0078
reference_id RHSA-2026:0078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0078
46
reference_url https://access.redhat.com/errata/RHSA-2026:0326
reference_id RHSA-2026:0326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0326
47
reference_url https://access.redhat.com/errata/RHSA-2026:0332
reference_id RHSA-2026:0332
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0332
48
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
49
reference_url https://access.redhat.com/errata/RHSA-2026:0420
reference_id RHSA-2026:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0420
50
reference_url https://access.redhat.com/errata/RHSA-2026:0518
reference_id RHSA-2026:0518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0518
51
reference_url https://access.redhat.com/errata/RHSA-2026:0674
reference_id RHSA-2026:0674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0674
52
reference_url https://access.redhat.com/errata/RHSA-2026:0677
reference_id RHSA-2026:0677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0677
53
reference_url https://access.redhat.com/errata/RHSA-2026:0702
reference_id RHSA-2026:0702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0702
54
reference_url https://access.redhat.com/errata/RHSA-2026:0934
reference_id RHSA-2026:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0934
55
reference_url https://access.redhat.com/errata/RHSA-2026:0996
reference_id RHSA-2026:0996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0996
56
reference_url https://access.redhat.com/errata/RHSA-2026:1541
reference_id RHSA-2026:1541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1541
57
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
58
reference_url https://access.redhat.com/errata/RHSA-2026:3407
reference_id RHSA-2026:3407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3407
59
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
60
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
61
reference_url https://usn.ubuntu.com/8022-1/
reference_id USN-8022-1
reference_type
scores
url https://usn.ubuntu.com/8022-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2025-59375
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77y6-jskt-qucb
16
url VCID-8qyy-e4jt-rbc4
vulnerability_id VCID-8qyy-e4jt-rbc4
summary Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4695
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4695
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450715
reference_id 2450715
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450715
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020030
reference_id show_bug.cgi?id=2020030
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020030
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4695
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qyy-e4jt-rbc4
17
url VCID-8vka-qus2-tbhj
vulnerability_id VCID-8vka-qus2-tbhj
summary Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2447
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03927
published_at 2026-04-09T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03884
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03897
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03896
published_at 2026-04-11T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03874
published_at 2026-04-02T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03839
published_at 2026-04-18T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03829
published_at 2026-04-16T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.0385
published_at 2026-04-13T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03877
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2447
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
reference_id 1128283
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440219
reference_id 2440219
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440219
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-10
reference_id mfsa2026-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-10
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-10/
reference_id mfsa2026-10
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-10/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-11
reference_id mfsa2026-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-11
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-11/
reference_id mfsa2026-11
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-11/
10
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
11
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
12
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
13
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
14
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
15
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
16
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
17
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
18
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
19
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
20
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
21
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
22
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
23
reference_url https://access.redhat.com/errata/RHSA-2026:3967
reference_id RHSA-2026:3967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3967
24
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
25
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
26
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
27
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
28
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
29
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
30
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
31
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
32
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
33
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
34
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
35
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
36
reference_url https://access.redhat.com/errata/RHSA-2026:4447
reference_id RHSA-2026:4447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4447
37
reference_url https://access.redhat.com/errata/RHSA-2026:4629
reference_id RHSA-2026:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4629
38
reference_url https://access.redhat.com/errata/RHSA-2026:5227
reference_id RHSA-2026:5227
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5227
39
reference_url https://access.redhat.com/errata/RHSA-2026:5228
reference_id RHSA-2026:5228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5228
40
reference_url https://access.redhat.com/errata/RHSA-2026:5229
reference_id RHSA-2026:5229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5229
41
reference_url https://access.redhat.com/errata/RHSA-2026:5230
reference_id RHSA-2026:5230
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5230
42
reference_url https://access.redhat.com/errata/RHSA-2026:5231
reference_id RHSA-2026:5231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5231
43
reference_url https://access.redhat.com/errata/RHSA-2026:5319
reference_id RHSA-2026:5319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5319
44
reference_url https://access.redhat.com/errata/RHSA-2026:5320
reference_id RHSA-2026:5320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5320
45
reference_url https://access.redhat.com/errata/RHSA-2026:5323
reference_id RHSA-2026:5323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5323
46
reference_url https://access.redhat.com/errata/RHSA-2026:5324
reference_id RHSA-2026:5324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5324
47
reference_url https://access.redhat.com/errata/RHSA-2026:5326
reference_id RHSA-2026:5326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5326
48
reference_url https://access.redhat.com/errata/RHSA-2026:8746
reference_id RHSA-2026:8746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8746
49
reference_url https://access.redhat.com/errata/RHSA-2026:8747
reference_id RHSA-2026:8747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8747
50
reference_url https://access.redhat.com/errata/RHSA-2026:8748
reference_id RHSA-2026:8748
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8748
51
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014390
reference_id show_bug.cgi?id=2014390
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014390
52
reference_url https://usn.ubuntu.com/8053-1/
reference_id USN-8053-1
reference_type
scores
url https://usn.ubuntu.com/8053-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-2447
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vka-qus2-tbhj
18
url VCID-8xek-k5y2-6bfp
vulnerability_id VCID-8xek-k5y2-6bfp
summary Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4689
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07536
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07548
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07598
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07637
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0765
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07649
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07632
published_at 2026-04-08T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07573
published_at 2026-04-07T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07556
published_at 2026-04-02T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07623
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4689
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450718
reference_id 2450718
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450718
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016374
reference_id show_bug.cgi?id=2016374
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016374
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4689
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xek-k5y2-6bfp
19
url VCID-9ag7-z86d-nba9
vulnerability_id VCID-9ag7-z86d-nba9
summary Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5734
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13955
published_at 2026-04-09T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13876
published_at 2026-04-12T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13903
published_at 2026-04-08T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13912
published_at 2026-04-11T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18547
published_at 2026-04-16T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18602
published_at 2026-04-13T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18556
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5734
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455897
reference_id 2455897
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455897
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
reference_id buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
14
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
15
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
16
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
17
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
aliases CVE-2026-5734
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ag7-z86d-nba9
20
url VCID-b4bq-q3ga-3ff1
vulnerability_id VCID-b4bq-q3ga-3ff1
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4707
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4707
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450755
reference_id 2450755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450755
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015267
reference_id show_bug.cgi?id=2015267
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015267
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4707
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4bq-q3ga-3ff1
21
url VCID-b6sf-z5tm-4uau
vulnerability_id VCID-b6sf-z5tm-4uau
summary Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4696
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07439
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07449
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07524
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07537
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07551
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07448
published_at 2026-04-02T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07549
published_at 2026-04-09T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-08T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07468
published_at 2026-04-07T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07487
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4696
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450740
reference_id 2450740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450740
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020190
reference_id show_bug.cgi?id=2020190
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020190
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4696
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6sf-z5tm-4uau
22
url VCID-e2k8-m9sm-8uek
vulnerability_id VCID-e2k8-m9sm-8uek
summary Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4699
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4699
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450739
reference_id 2450739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450739
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021863
reference_id show_bug.cgi?id=2021863
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021863
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4699
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2k8-m9sm-8uek
23
url VCID-ft6u-geds-fua9
vulnerability_id VCID-ft6u-geds-fua9
summary JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4702
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4702
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450744
reference_id 2450744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450744
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013560
reference_id show_bug.cgi?id=2013560
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013560
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4702
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft6u-geds-fua9
24
url VCID-gkva-6cu9-7keg
vulnerability_id VCID-gkva-6cu9-7keg
summary Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4692
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.0698
published_at 2026-04-18T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06995
published_at 2026-04-16T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07055
published_at 2026-04-13T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07064
published_at 2026-04-12T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.07075
published_at 2026-04-11T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.06948
published_at 2026-04-02T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.07068
published_at 2026-04-09T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.07037
published_at 2026-04-08T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06982
published_at 2026-04-07T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.07002
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4692
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450748
reference_id 2450748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450748
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017643
reference_id show_bug.cgi?id=2017643
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017643
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4692
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkva-6cu9-7keg
25
url VCID-hshc-4xnc-gug4
vulnerability_id VCID-hshc-4xnc-gug4
summary Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4704
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4704
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450756
reference_id 2450756
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450756
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014868
reference_id show_bug.cgi?id=2014868
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014868
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4704
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hshc-4xnc-gug4
26
url VCID-hstd-23qm-bqdg
vulnerability_id VCID-hstd-23qm-bqdg
summary Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4717
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4717
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450712
reference_id 2450712
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450712
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021695
reference_id show_bug.cgi?id=2021695
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021695
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4717
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hstd-23qm-bqdg
27
url VCID-j1hb-8jjy-tqgq
vulnerability_id VCID-j1hb-8jjy-tqgq
summary Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4693
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450741
reference_id 2450741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450741
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018102
reference_id show_bug.cgi?id=2018102
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018102
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4693
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1hb-8jjy-tqgq
28
url VCID-kuwd-6tcg-fuha
vulnerability_id VCID-kuwd-6tcg-fuha
summary Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4713
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4713
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450730
reference_id 2450730
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450730
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018113
reference_id show_bug.cgi?id=2018113
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018113
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4713
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwd-6tcg-fuha
29
url VCID-m6uv-91wz-xfdv
vulnerability_id VCID-m6uv-91wz-xfdv
summary Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4700
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05916
published_at 2026-04-18T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05905
published_at 2026-04-16T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05901
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05959
published_at 2026-04-11T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05978
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05939
published_at 2026-04-08T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.0591
published_at 2026-04-04T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05877
published_at 2026-04-02T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-13T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4700
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450752
reference_id 2450752
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450752
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2003766
reference_id show_bug.cgi?id=2003766
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2003766
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4700
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6uv-91wz-xfdv
30
url VCID-mm6w-kpe8-4kg3
vulnerability_id VCID-mm6w-kpe8-4kg3
summary Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4684
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.02825
published_at 2026-04-18T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.02814
published_at 2026-04-16T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.02853
published_at 2026-04-04T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.02835
published_at 2026-04-12T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.02854
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.02884
published_at 2026-04-09T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02863
published_at 2026-04-08T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02861
published_at 2026-04-07T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02837
published_at 2026-04-02T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.0283
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4684
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450721
reference_id 2450721
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450721
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2011129
reference_id show_bug.cgi?id=2011129
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2011129
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4684
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mm6w-kpe8-4kg3
31
url VCID-nvsz-9s3r-nbhq
vulnerability_id VCID-nvsz-9s3r-nbhq
summary Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4718
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01668
published_at 2026-04-18T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01665
published_at 2026-04-16T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01692
published_at 2026-04-04T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01686
published_at 2026-04-11T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01701
published_at 2026-04-09T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01693
published_at 2026-04-08T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01691
published_at 2026-04-07T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01683
published_at 2026-04-02T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01676
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4718
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450742
reference_id 2450742
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450742
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014864
reference_id show_bug.cgi?id=2014864
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014864
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4718
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvsz-9s3r-nbhq
32
url VCID-qbzp-euvv-q7c7
vulnerability_id VCID-qbzp-euvv-q7c7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5732
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.1175
published_at 2026-04-12T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11789
published_at 2026-04-11T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11778
published_at 2026-04-09T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11723
published_at 2026-04-08T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12742
published_at 2026-04-18T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.12835
published_at 2026-04-13T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12738
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5732
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455908
reference_id 2455908
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455908
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
13
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
14
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
15
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
16
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
17
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
reference_id show_bug.cgi?id=2017867
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
aliases CVE-2026-5732
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbzp-euvv-q7c7
33
url VCID-qkks-24cp-gqg2
vulnerability_id VCID-qkks-24cp-gqg2
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4706
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4706
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450714
reference_id 2450714
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450714
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015091
reference_id show_bug.cgi?id=2015091
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015091
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4706
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkks-24cp-gqg2
34
url VCID-rp5h-ym8y-skbw
vulnerability_id VCID-rp5h-ym8y-skbw
summary Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4701
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4701
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450710
reference_id 2450710
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450710
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2009303
reference_id show_bug.cgi?id=2009303
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2009303
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4701
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp5h-ym8y-skbw
35
url VCID-t4t3-5pt5-ayds
vulnerability_id VCID-t4t3-5pt5-ayds
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4685
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4685
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450724
reference_id 2450724
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450724
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016349
reference_id show_bug.cgi?id=2016349
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016349
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4685
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t3-5pt5-ayds
36
url VCID-u3j3-fc4f-7ff7
vulnerability_id VCID-u3j3-fc4f-7ff7
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4686
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4686
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450734
reference_id 2450734
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450734
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016351
reference_id show_bug.cgi?id=2016351
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016351
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4686
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3j3-fc4f-7ff7
37
url VCID-wmyy-2cg3-wyhc
vulnerability_id VCID-wmyy-2cg3-wyhc
summary Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4697
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4697
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450729
reference_id 2450729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450729
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020422
reference_id show_bug.cgi?id=2020422
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020422
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4697
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wmyy-2cg3-wyhc
38
url VCID-wqw2-gjvu-6qbu
vulnerability_id VCID-wqw2-gjvu-6qbu
summary Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4690
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05479
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05518
published_at 2026-04-13T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05525
published_at 2026-04-12T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05537
published_at 2026-04-11T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05562
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05469
published_at 2026-04-16T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.0554
published_at 2026-04-08T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05504
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450732
reference_id 2450732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450732
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016375
reference_id show_bug.cgi?id=2016375
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016375
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4690
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqw2-gjvu-6qbu
39
url VCID-wvx2-pba2-sqha
vulnerability_id VCID-wvx2-pba2-sqha
summary Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4708
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4708
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450735
reference_id 2450735
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450735
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015268
reference_id show_bug.cgi?id=2015268
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015268
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4708
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvx2-pba2-sqha
40
url VCID-yjc2-2whn-uug5
vulnerability_id VCID-yjc2-2whn-uug5
summary Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4694
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.054
published_at 2026-04-18T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05442
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05448
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05462
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.0549
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05393
published_at 2026-04-16T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05469
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05434
published_at 2026-04-07T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05426
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4694
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450747
reference_id 2450747
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450747
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018430
reference_id show_bug.cgi?id=2018430
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018430
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4694
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjc2-2whn-uug5
41
url VCID-ymak-rv52-h7a5
vulnerability_id VCID-ymak-rv52-h7a5
summary Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4710
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4710
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450727
reference_id 2450727
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450727
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016370
reference_id show_bug.cgi?id=2016370
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016370
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4710
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymak-rv52-h7a5
Fixing_vulnerabilities
0
url VCID-1hay-xe3q-gyb4
vulnerability_id VCID-1hay-xe3q-gyb4
summary Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2789
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15283
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15276
published_at 2026-04-16T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15358
published_at 2026-04-13T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-12T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15461
published_at 2026-04-11T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15489
published_at 2026-04-02T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15497
published_at 2026-04-09T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15447
published_at 2026-04-08T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.1536
published_at 2026-04-07T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.1556
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2789
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442322
reference_id 2442322
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442322
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015179
reference_id show_bug.cgi?id=2015179
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015179
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2789
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1hay-xe3q-gyb4
1
url VCID-1u8u-pnq3-t7ae
vulnerability_id VCID-1u8u-pnq3-t7ae
summary Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2757
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20418
published_at 2026-04-18T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20428
published_at 2026-04-13T12:55:00Z
2
value 0.00066
scoring_system epss
scoring_elements 0.20483
published_at 2026-04-12T12:55:00Z
3
value 0.00066
scoring_system epss
scoring_elements 0.20528
published_at 2026-04-11T12:55:00Z
4
value 0.00066
scoring_system epss
scoring_elements 0.20504
published_at 2026-04-09T12:55:00Z
5
value 0.00066
scoring_system epss
scoring_elements 0.20579
published_at 2026-04-02T12:55:00Z
6
value 0.00066
scoring_system epss
scoring_elements 0.20447
published_at 2026-04-08T12:55:00Z
7
value 0.00066
scoring_system epss
scoring_elements 0.20366
published_at 2026-04-07T12:55:00Z
8
value 0.00066
scoring_system epss
scoring_elements 0.20638
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2757
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442324
reference_id 2442324
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442324
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2001637
reference_id show_bug.cgi?id=2001637
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2001637
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2757
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1u8u-pnq3-t7ae
2
url VCID-1v2s-g46y-ybdc
vulnerability_id VCID-1v2s-g46y-ybdc
summary Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2792
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.21325
published_at 2026-04-18T12:55:00Z
1
value 0.0007
scoring_system epss
scoring_elements 0.21317
published_at 2026-04-16T12:55:00Z
2
value 0.0007
scoring_system epss
scoring_elements 0.21267
published_at 2026-04-07T12:55:00Z
3
value 0.0007
scoring_system epss
scoring_elements 0.21415
published_at 2026-04-11T12:55:00Z
4
value 0.0007
scoring_system epss
scoring_elements 0.21407
published_at 2026-04-09T12:55:00Z
5
value 0.0007
scoring_system epss
scoring_elements 0.21346
published_at 2026-04-08T12:55:00Z
6
value 0.0007
scoring_system epss
scoring_elements 0.21514
published_at 2026-04-04T12:55:00Z
7
value 0.0007
scoring_system epss
scoring_elements 0.21461
published_at 2026-04-02T12:55:00Z
8
value 0.0007
scoring_system epss
scoring_elements 0.21321
published_at 2026-04-13T12:55:00Z
9
value 0.0007
scoring_system epss
scoring_elements 0.21376
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2792
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442318
reference_id 2442318
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442318
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331
reference_id buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
14
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
15
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
16
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
17
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
18
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
19
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
20
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
21
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
22
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
23
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
24
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
25
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
26
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
27
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
28
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
29
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
30
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
31
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
32
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
33
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
34
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
35
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
36
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
37
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
38
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2792
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1v2s-g46y-ybdc
3
url VCID-3gmj-y8qd-ufej
vulnerability_id VCID-3gmj-y8qd-ufej
summary Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2787
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15283
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15276
published_at 2026-04-16T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15358
published_at 2026-04-13T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-12T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15461
published_at 2026-04-11T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15489
published_at 2026-04-02T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15497
published_at 2026-04-09T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15447
published_at 2026-04-08T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.1536
published_at 2026-04-07T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.1556
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2787
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442297
reference_id 2442297
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442297
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014560
reference_id show_bug.cgi?id=2014560
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014560
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2787
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gmj-y8qd-ufej
4
url VCID-3sg3-9yx7-fufa
vulnerability_id VCID-3sg3-9yx7-fufa
summary Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2790
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05913
published_at 2026-04-18T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-16T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05897
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05956
published_at 2026-04-11T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05974
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05935
published_at 2026-04-08T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05904
published_at 2026-04-04T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-02T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05937
published_at 2026-04-13T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05946
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2790
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442313
reference_id 2442313
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442313
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2008426
reference_id show_bug.cgi?id=2008426
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2008426
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2790
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3sg3-9yx7-fufa
5
url VCID-4xqc-36jb-63c2
vulnerability_id VCID-4xqc-36jb-63c2
summary Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2786
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.14964
published_at 2026-04-18T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.14955
published_at 2026-04-16T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15044
published_at 2026-04-07T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.15153
published_at 2026-04-11T12:55:00Z
4
value 0.00049
scoring_system epss
scoring_elements 0.15183
published_at 2026-04-09T12:55:00Z
5
value 0.00049
scoring_system epss
scoring_elements 0.15132
published_at 2026-04-08T12:55:00Z
6
value 0.00049
scoring_system epss
scoring_elements 0.15239
published_at 2026-04-04T12:55:00Z
7
value 0.00049
scoring_system epss
scoring_elements 0.15172
published_at 2026-04-02T12:55:00Z
8
value 0.00049
scoring_system epss
scoring_elements 0.15055
published_at 2026-04-13T12:55:00Z
9
value 0.00049
scoring_system epss
scoring_elements 0.15116
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2786
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442320
reference_id 2442320
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442320
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013612
reference_id show_bug.cgi?id=2013612
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013612
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2786
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xqc-36jb-63c2
6
url VCID-5ept-fu7g-8kes
vulnerability_id VCID-5ept-fu7g-8kes
summary Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2780
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03994
published_at 2026-04-18T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03982
published_at 2026-04-16T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04043
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.0404
published_at 2026-04-11T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04067
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04048
published_at 2026-04-08T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04029
published_at 2026-04-04T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04011
published_at 2026-04-02T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03999
published_at 2026-04-13T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04026
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2780
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442334
reference_id 2442334
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442334
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2007829
reference_id show_bug.cgi?id=2007829
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2007829
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2780
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ept-fu7g-8kes
7
url VCID-6cx1-8t9m-u3av
vulnerability_id VCID-6cx1-8t9m-u3av
summary Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0886
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04551
published_at 2026-04-18T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04541
published_at 2026-04-16T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04544
published_at 2026-04-04T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04582
published_at 2026-04-12T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04599
published_at 2026-04-11T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-09T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04594
published_at 2026-04-08T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04559
published_at 2026-04-07T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04521
published_at 2026-04-02T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04566
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0886
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428978
reference_id 2428978
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428978
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
reference_id mfsa2026-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-02/
reference_id mfsa2026-02
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-02/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
15
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
16
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
17
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
18
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
19
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
20
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
21
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
22
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
23
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
24
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
25
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
26
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
27
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
28
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
29
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
30
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
31
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
32
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
33
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
34
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
35
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
36
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
37
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2005658
reference_id show_bug.cgi?id=2005658
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2005658
39
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0886
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6cx1-8t9m-u3av
8
url VCID-6fsa-bnes-tkff
vulnerability_id VCID-6fsa-bnes-tkff
summary Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2765
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.0615
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06138
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06121
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06192
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06201
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06164
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06137
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06107
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06179
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06187
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2765
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442333
reference_id 2442333
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442333
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013562
reference_id show_bug.cgi?id=2013562
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013562
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2765
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fsa-bnes-tkff
9
url VCID-7wmw-hpfw-vuaa
vulnerability_id VCID-7wmw-hpfw-vuaa
summary Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2761
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.34007
published_at 2026-04-18T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.3402
published_at 2026-04-16T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.33986
published_at 2026-04-13T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.3401
published_at 2026-04-12T12:55:00Z
4
value 0.00139
scoring_system epss
scoring_elements 0.34053
published_at 2026-04-11T12:55:00Z
5
value 0.00139
scoring_system epss
scoring_elements 0.34089
published_at 2026-04-02T12:55:00Z
6
value 0.00139
scoring_system epss
scoring_elements 0.34054
published_at 2026-04-09T12:55:00Z
7
value 0.00139
scoring_system epss
scoring_elements 0.34023
published_at 2026-04-08T12:55:00Z
8
value 0.00139
scoring_system epss
scoring_elements 0.33981
published_at 2026-04-07T12:55:00Z
9
value 0.00139
scoring_system epss
scoring_elements 0.34121
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2761
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442309
reference_id 2442309
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442309
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2011063
reference_id show_bug.cgi?id=2011063
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2011063
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2761
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wmw-hpfw-vuaa
10
url VCID-8u4y-zrhv-8fe9
vulnerability_id VCID-8u4y-zrhv-8fe9
summary Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0887
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02701
published_at 2026-04-18T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02691
published_at 2026-04-16T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02729
published_at 2026-04-04T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.0273
published_at 2026-04-11T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02759
published_at 2026-04-09T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02739
published_at 2026-04-08T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02737
published_at 2026-04-07T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02714
published_at 2026-04-12T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02711
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0887
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428972
reference_id 2428972
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428972
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
13
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
14
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
15
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
16
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
17
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
18
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
19
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
20
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
21
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
22
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
23
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
24
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
25
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
26
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
27
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
28
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
29
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
30
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
31
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
32
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
33
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
34
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
35
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2006500
reference_id show_bug.cgi?id=2006500
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2006500
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0887
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8u4y-zrhv-8fe9
11
url VCID-8zy6-g8kn-hbdc
vulnerability_id VCID-8zy6-g8kn-hbdc
summary Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2775
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07555
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07567
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07642
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07657
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0767
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07576
published_at 2026-04-02T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07669
published_at 2026-04-09T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07651
published_at 2026-04-08T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07592
published_at 2026-04-07T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07619
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2775
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442314
reference_id 2442314
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442314
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015199
reference_id show_bug.cgi?id=2015199
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015199
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2775
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8zy6-g8kn-hbdc
12
url VCID-9zxb-j4ep-n7g9
vulnerability_id VCID-9zxb-j4ep-n7g9
summary Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2791
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.0741
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07421
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07461
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07526
published_at 2026-04-11T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07523
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.075
published_at 2026-04-13T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07443
published_at 2026-04-07T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07418
published_at 2026-04-02T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07512
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2791
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442342
reference_id 2442342
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442342
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015220
reference_id show_bug.cgi?id=2015220
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015220
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2791
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9zxb-j4ep-n7g9
13
url VCID-a98z-hwzc-wkcj
vulnerability_id VCID-a98z-hwzc-wkcj
summary Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0882
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05509
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05498
published_at 2026-04-16T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05549
published_at 2026-04-13T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05555
published_at 2026-04-12T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05568
published_at 2026-04-11T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.055
published_at 2026-04-02T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05595
published_at 2026-04-09T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05571
published_at 2026-04-08T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05533
published_at 2026-04-07T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05534
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0882
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428966
reference_id 2428966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428966
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
reference_id mfsa2026-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-02/
reference_id mfsa2026-02
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/
url https://www.mozilla.org/security/advisories/mfsa2026-02/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
15
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
16
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
17
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
18
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
19
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
20
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
21
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
22
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
23
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
24
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
25
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
26
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
27
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
28
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
29
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
30
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
31
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
32
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
33
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
34
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
35
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
36
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
37
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1924125
reference_id show_bug.cgi?id=1924125
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1924125
39
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0882
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a98z-hwzc-wkcj
14
url VCID-azdd-vdn3-kffy
vulnerability_id VCID-azdd-vdn3-kffy
summary Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2758
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20418
published_at 2026-04-18T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20428
published_at 2026-04-13T12:55:00Z
2
value 0.00066
scoring_system epss
scoring_elements 0.20483
published_at 2026-04-12T12:55:00Z
3
value 0.00066
scoring_system epss
scoring_elements 0.20528
published_at 2026-04-11T12:55:00Z
4
value 0.00066
scoring_system epss
scoring_elements 0.20504
published_at 2026-04-09T12:55:00Z
5
value 0.00066
scoring_system epss
scoring_elements 0.20579
published_at 2026-04-02T12:55:00Z
6
value 0.00066
scoring_system epss
scoring_elements 0.20447
published_at 2026-04-08T12:55:00Z
7
value 0.00066
scoring_system epss
scoring_elements 0.20366
published_at 2026-04-07T12:55:00Z
8
value 0.00066
scoring_system epss
scoring_elements 0.20638
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2758
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442337
reference_id 2442337
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442337
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2009608
reference_id show_bug.cgi?id=2009608
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2009608
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2758
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azdd-vdn3-kffy
15
url VCID-b5jm-57h2-2qcs
vulnerability_id VCID-b5jm-57h2-2qcs
summary JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2764
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06477
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06469
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06534
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06543
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0655
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06441
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06556
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06515
published_at 2026-04-08T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06464
published_at 2026-04-07T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06476
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2764
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442329
reference_id 2442329
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442329
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2012608
reference_id show_bug.cgi?id=2012608
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2012608
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2764
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5jm-57h2-2qcs
16
url VCID-b8dx-232z-qbbc
vulnerability_id VCID-b8dx-232z-qbbc
summary Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2779
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20101
published_at 2026-04-18T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20097
published_at 2026-04-16T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20044
published_at 2026-04-07T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20207
published_at 2026-04-11T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20182
published_at 2026-04-09T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20124
published_at 2026-04-08T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.2032
published_at 2026-04-04T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20261
published_at 2026-04-02T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20104
published_at 2026-04-13T12:55:00Z
9
value 0.00065
scoring_system epss
scoring_elements 0.20162
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2779
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442327
reference_id 2442327
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442327
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1164141
reference_id show_bug.cgi?id=1164141
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1164141
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2779
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8dx-232z-qbbc
17
url VCID-cpez-x3zd-p7bu
vulnerability_id VCID-cpez-x3zd-p7bu
summary Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2785
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.14964
published_at 2026-04-18T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.14955
published_at 2026-04-16T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15044
published_at 2026-04-07T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.15153
published_at 2026-04-11T12:55:00Z
4
value 0.00049
scoring_system epss
scoring_elements 0.15183
published_at 2026-04-09T12:55:00Z
5
value 0.00049
scoring_system epss
scoring_elements 0.15132
published_at 2026-04-08T12:55:00Z
6
value 0.00049
scoring_system epss
scoring_elements 0.15239
published_at 2026-04-04T12:55:00Z
7
value 0.00049
scoring_system epss
scoring_elements 0.15172
published_at 2026-04-02T12:55:00Z
8
value 0.00049
scoring_system epss
scoring_elements 0.15055
published_at 2026-04-13T12:55:00Z
9
value 0.00049
scoring_system epss
scoring_elements 0.15116
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2785
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442284
reference_id 2442284
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442284
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013549
reference_id show_bug.cgi?id=2013549
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013549
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2785
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cpez-x3zd-p7bu
18
url VCID-deth-9krh-kufj
vulnerability_id VCID-deth-9krh-kufj
summary Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0890
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03993
published_at 2026-04-18T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03981
published_at 2026-04-16T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04028
published_at 2026-04-04T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.0404
published_at 2026-04-11T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04067
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04048
published_at 2026-04-08T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04043
published_at 2026-04-07T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04011
published_at 2026-04-02T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03998
published_at 2026-04-13T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04026
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0890
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428971
reference_id 2428971
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428971
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
13
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
14
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
15
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
16
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
17
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
18
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
19
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
20
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
21
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
22
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
23
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
24
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
25
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
26
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
27
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
28
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
29
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
30
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
31
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
32
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
33
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
34
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
35
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2005081
reference_id show_bug.cgi?id=2005081
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2005081
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0890
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-deth-9krh-kufj
19
url VCID-dxwp-5jfs-nuew
vulnerability_id VCID-dxwp-5jfs-nuew
summary Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2778
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23109
published_at 2026-04-18T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23116
published_at 2026-04-16T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23102
published_at 2026-04-13T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.2316
published_at 2026-04-12T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23197
published_at 2026-04-11T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.23216
published_at 2026-04-02T12:55:00Z
6
value 0.00078
scoring_system epss
scoring_elements 0.23176
published_at 2026-04-09T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.23123
published_at 2026-04-08T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.2305
published_at 2026-04-07T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23259
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2778
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442335
reference_id 2442335
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442335
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016358
reference_id show_bug.cgi?id=2016358
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016358
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2778
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxwp-5jfs-nuew
20
url VCID-gcnq-avax-aqcv
vulnerability_id VCID-gcnq-avax-aqcv
summary Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2776
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23109
published_at 2026-04-18T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23116
published_at 2026-04-16T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23259
published_at 2026-04-04T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.2316
published_at 2026-04-12T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23197
published_at 2026-04-11T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.23176
published_at 2026-04-09T12:55:00Z
6
value 0.00078
scoring_system epss
scoring_elements 0.23123
published_at 2026-04-08T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.2305
published_at 2026-04-07T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.23216
published_at 2026-04-02T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23102
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2776
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442291
reference_id 2442291
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442291
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015266
reference_id show_bug.cgi?id=2015266
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015266
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2776
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gcnq-avax-aqcv
21
url VCID-h2gc-zk2a-1fg6
vulnerability_id VCID-h2gc-zk2a-1fg6
summary Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0884
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07092
published_at 2026-04-18T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07115
published_at 2026-04-16T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07117
published_at 2026-04-07T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07198
published_at 2026-04-11T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.072
published_at 2026-04-09T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.0717
published_at 2026-04-08T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.0714
published_at 2026-04-04T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07091
published_at 2026-04-02T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07178
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07187
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0884
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428967
reference_id 2428967
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428967
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
13
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
14
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
15
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
16
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
17
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
18
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
19
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
20
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
21
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
22
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
23
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
24
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
25
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
26
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
27
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
28
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
29
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
30
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
31
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
32
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
33
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
34
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
35
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2003588
reference_id show_bug.cgi?id=2003588
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2003588
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0884
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h2gc-zk2a-1fg6
22
url VCID-hsc9-up4x-nbgs
vulnerability_id VCID-hsc9-up4x-nbgs
summary Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2762
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20101
published_at 2026-04-18T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20097
published_at 2026-04-16T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20044
published_at 2026-04-07T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20207
published_at 2026-04-11T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20182
published_at 2026-04-09T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20124
published_at 2026-04-08T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.2032
published_at 2026-04-04T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20261
published_at 2026-04-02T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20104
published_at 2026-04-13T12:55:00Z
9
value 0.00065
scoring_system epss
scoring_elements 0.20162
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2762
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442308
reference_id 2442308
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442308
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2011649
reference_id show_bug.cgi?id=2011649
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2011649
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2762
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hsc9-up4x-nbgs
23
url VCID-jybh-8px4-pqau
vulnerability_id VCID-jybh-8px4-pqau
summary Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0885
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05686
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05676
published_at 2026-04-16T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05697
published_at 2026-04-04T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05734
published_at 2026-04-11T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05756
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05729
published_at 2026-04-08T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05689
published_at 2026-04-07T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05657
published_at 2026-04-02T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.0572
published_at 2026-04-13T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05726
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0885
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428961
reference_id 2428961
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428961
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
13
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
14
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
15
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
16
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
17
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
18
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
19
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
20
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
21
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
22
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
23
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
24
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
25
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
26
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
27
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
28
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
29
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
30
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
31
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
32
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
33
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
34
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
35
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2003607
reference_id show_bug.cgi?id=2003607
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2003607
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0885
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jybh-8px4-pqau
24
url VCID-kk2m-2mxz-sbex
vulnerability_id VCID-kk2m-2mxz-sbex
summary Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146, Thunderbird < 146, Firefox ESR < 140.7, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14327
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02672
published_at 2026-04-04T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02659
published_at 2026-04-02T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02702
published_at 2026-04-09T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02682
published_at 2026-04-08T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.0268
published_at 2026-04-07T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03467
published_at 2026-04-11T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03391
published_at 2026-04-16T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03415
published_at 2026-04-13T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03439
published_at 2026-04-12T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03403
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14327
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2420507
reference_id 2420507
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2420507
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-92
reference_id mfsa2025-92
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-92
6
reference_url https://www.mozilla.org/security/advisories/mfsa2025-92/
reference_id mfsa2025-92
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-92/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-95
reference_id mfsa2025-95
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-95
8
reference_url https://www.mozilla.org/security/advisories/mfsa2025-95/
reference_id mfsa2025-95
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-95/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
13
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
14
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
15
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
16
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
17
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
18
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
19
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
20
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
21
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
22
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
23
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
24
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
25
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
26
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
27
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
28
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
29
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
30
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
31
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
32
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
33
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
34
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
35
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1970743
reference_id show_bug.cgi?id=1970743
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1970743
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2025-14327
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kk2m-2mxz-sbex
25
url VCID-m3mp-su9k-sfhs
vulnerability_id VCID-m3mp-su9k-sfhs
summary Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2763
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06265
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06295
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06306
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.0631
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06318
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06226
published_at 2026-04-02T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06276
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06232
published_at 2026-04-07T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06252
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2763
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442316
reference_id 2442316
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442316
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2012018
reference_id show_bug.cgi?id=2012018
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2012018
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2763
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3mp-su9k-sfhs
26
url VCID-menq-g5ce-1yd8
vulnerability_id VCID-menq-g5ce-1yd8
summary Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2793
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21686
published_at 2026-04-18T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21679
published_at 2026-04-16T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21678
published_at 2026-04-13T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21735
published_at 2026-04-12T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21775
published_at 2026-04-11T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21825
published_at 2026-04-02T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21763
published_at 2026-04-09T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21706
published_at 2026-04-08T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.2163
published_at 2026-04-07T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21878
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2793
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442287
reference_id 2442287
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442287
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498
reference_id buglist.cgi?bug_id=2015196%2C2016423%2C2016498
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
15
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
16
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
17
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
18
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
19
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
20
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
21
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
22
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
23
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
24
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
25
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
26
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
27
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
28
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
29
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
30
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
31
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
32
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
33
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
34
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
35
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
36
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
37
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
38
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
39
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
40
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2793
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-menq-g5ce-1yd8
27
url VCID-mn6j-2wd1-ukfb
vulnerability_id VCID-mn6j-2wd1-ukfb
summary Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2774
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15283
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15276
published_at 2026-04-16T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.1536
published_at 2026-04-07T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-12T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15461
published_at 2026-04-11T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15497
published_at 2026-04-09T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15447
published_at 2026-04-08T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.1556
published_at 2026-04-04T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.15489
published_at 2026-04-02T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.15358
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2774
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442290
reference_id 2442290
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442290
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014883
reference_id show_bug.cgi?id=2014883
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014883
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2774
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mn6j-2wd1-ukfb
28
url VCID-ndd4-kd1y-z7ep
vulnerability_id VCID-ndd4-kd1y-z7ep
summary Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0878
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.07712
published_at 2026-04-18T12:55:00Z
1
value 0.00028
scoring_system epss
scoring_elements 0.07739
published_at 2026-04-16T12:55:00Z
2
value 0.00028
scoring_system epss
scoring_elements 0.07827
published_at 2026-04-04T12:55:00Z
3
value 0.00028
scoring_system epss
scoring_elements 0.07851
published_at 2026-04-11T12:55:00Z
4
value 0.00028
scoring_system epss
scoring_elements 0.07861
published_at 2026-04-09T12:55:00Z
5
value 0.00028
scoring_system epss
scoring_elements 0.0784
published_at 2026-04-08T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.07783
published_at 2026-04-07T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.0778
published_at 2026-04-02T12:55:00Z
8
value 0.00028
scoring_system epss
scoring_elements 0.07825
published_at 2026-04-13T12:55:00Z
9
value 0.00028
scoring_system epss
scoring_elements 0.07838
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0878
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428965
reference_id 2428965
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428965
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
13
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
14
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
15
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
16
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
17
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
18
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
19
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
20
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
21
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
22
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
23
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
24
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
25
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
26
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
27
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
28
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
29
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
30
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
31
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
32
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
33
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
34
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
35
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2003989
reference_id show_bug.cgi?id=2003989
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2003989
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0878
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ndd4-kd1y-z7ep
29
url VCID-nhsr-4zux-2bck
vulnerability_id VCID-nhsr-4zux-2bck
summary Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2769
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15468
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15462
published_at 2026-04-16T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15536
published_at 2026-04-13T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15599
published_at 2026-04-12T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15634
published_at 2026-04-11T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.1566
published_at 2026-04-02T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15667
published_at 2026-04-09T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15612
published_at 2026-04-08T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.15526
published_at 2026-04-07T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.15724
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2769
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442295
reference_id 2442295
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442295
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014550
reference_id show_bug.cgi?id=2014550
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014550
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2769
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nhsr-4zux-2bck
30
url VCID-nkpq-9gd6-nuc4
vulnerability_id VCID-nkpq-9gd6-nuc4
summary Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0891
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06662
published_at 2026-04-18T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06673
published_at 2026-04-16T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06688
published_at 2026-04-04T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06742
published_at 2026-04-13T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06749
published_at 2026-04-12T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.06757
published_at 2026-04-11T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06724
published_at 2026-04-08T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06674
published_at 2026-04-07T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06643
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0891
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428963
reference_id 2428963
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428963
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278
reference_id buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T14:32:50Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T14:32:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T14:32:50Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T14:32:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T14:32:50Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
14
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
15
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
16
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
17
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
18
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
19
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
20
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
21
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
22
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
23
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
24
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
25
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
26
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
27
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
28
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
29
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
30
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
31
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
32
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
33
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
34
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
35
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
36
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0891
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nkpq-9gd6-nuc4
31
url VCID-ntqr-ptmu-yuen
vulnerability_id VCID-ntqr-ptmu-yuen
summary Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2767
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.14964
published_at 2026-04-18T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.14955
published_at 2026-04-16T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15044
published_at 2026-04-07T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.15153
published_at 2026-04-11T12:55:00Z
4
value 0.00049
scoring_system epss
scoring_elements 0.15183
published_at 2026-04-09T12:55:00Z
5
value 0.00049
scoring_system epss
scoring_elements 0.15132
published_at 2026-04-08T12:55:00Z
6
value 0.00049
scoring_system epss
scoring_elements 0.15239
published_at 2026-04-04T12:55:00Z
7
value 0.00049
scoring_system epss
scoring_elements 0.15172
published_at 2026-04-02T12:55:00Z
8
value 0.00049
scoring_system epss
scoring_elements 0.15055
published_at 2026-04-13T12:55:00Z
9
value 0.00049
scoring_system epss
scoring_elements 0.15116
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2767
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442328
reference_id 2442328
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442328
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013741
reference_id show_bug.cgi?id=2013741
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013741
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2767
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntqr-ptmu-yuen
32
url VCID-p9zh-7wyj-hffm
vulnerability_id VCID-p9zh-7wyj-hffm
summary Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2771
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20428
published_at 2026-04-13T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20579
published_at 2026-04-02T12:55:00Z
2
value 0.00066
scoring_system epss
scoring_elements 0.20418
published_at 2026-04-18T12:55:00Z
3
value 0.00066
scoring_system epss
scoring_elements 0.20638
published_at 2026-04-04T12:55:00Z
4
value 0.00066
scoring_system epss
scoring_elements 0.20366
published_at 2026-04-07T12:55:00Z
5
value 0.00066
scoring_system epss
scoring_elements 0.20447
published_at 2026-04-08T12:55:00Z
6
value 0.00066
scoring_system epss
scoring_elements 0.20504
published_at 2026-04-09T12:55:00Z
7
value 0.00066
scoring_system epss
scoring_elements 0.20528
published_at 2026-04-11T12:55:00Z
8
value 0.00066
scoring_system epss
scoring_elements 0.20483
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2771
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442288
reference_id 2442288
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442288
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-03T01:45:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-03T01:45:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-03T01:45:06Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-03T01:45:06Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-03T01:45:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014593
reference_id show_bug.cgi?id=2014593
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-03T01:45:06Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014593
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2771
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9zh-7wyj-hffm
33
url VCID-pemg-ndu8-wbbc
vulnerability_id VCID-pemg-ndu8-wbbc
summary Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0879
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07235
published_at 2026-04-18T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07239
published_at 2026-04-16T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07273
published_at 2026-04-04T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07319
published_at 2026-04-12T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07331
published_at 2026-04-11T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07333
published_at 2026-04-09T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07307
published_at 2026-04-08T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07252
published_at 2026-04-07T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07229
published_at 2026-04-02T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07309
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0879
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428973
reference_id 2428973
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428973
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
reference_id mfsa2026-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-02/
reference_id mfsa2026-02
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/
url https://www.mozilla.org/security/advisories/mfsa2026-02/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
15
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
16
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
17
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
18
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
19
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
20
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
21
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
22
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
23
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
24
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
25
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
26
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
27
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
28
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
29
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
30
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
31
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
32
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
33
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
34
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
35
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
36
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
37
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2004602
reference_id show_bug.cgi?id=2004602
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2004602
39
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0879
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pemg-ndu8-wbbc
34
url VCID-q1pv-avug-juef
vulnerability_id VCID-q1pv-avug-juef
summary Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2777
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.19876
published_at 2026-04-18T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.19871
published_at 2026-04-16T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.19894
published_at 2026-04-13T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.19952
published_at 2026-04-12T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.19997
published_at 2026-04-11T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.20059
published_at 2026-04-02T12:55:00Z
6
value 0.00064
scoring_system epss
scoring_elements 0.19977
published_at 2026-04-09T12:55:00Z
7
value 0.00064
scoring_system epss
scoring_elements 0.19923
published_at 2026-04-08T12:55:00Z
8
value 0.00064
scoring_system epss
scoring_elements 0.19843
published_at 2026-04-07T12:55:00Z
9
value 0.00064
scoring_system epss
scoring_elements 0.20117
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2777
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442312
reference_id 2442312
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442312
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015305
reference_id show_bug.cgi?id=2015305
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015305
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2777
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q1pv-avug-juef
35
url VCID-qcxw-ds31-3ubd
vulnerability_id VCID-qcxw-ds31-3ubd
summary 
When a user explicitly requested Thunderbird to decrypt an inline
OpenPGP message that was embedded in a text section of an email
that was formatted and styled with HTML and CSS, then the
decrypted contents were rendered in a context in which the CSS
styles from the outer messages were active. If the user had
additionally allowed loading of the remote content referenced by
the outer email message, and the email was crafted by the sender
using a combination of CSS rules and fonts and animations, then
it was possible to extract the secret contents of the email.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0818.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0818.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0818
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00374
published_at 2026-04-02T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00376
published_at 2026-04-04T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00512
published_at 2026-04-11T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00508
published_at 2026-04-16T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00509
published_at 2026-04-12T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00511
published_at 2026-04-13T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00515
published_at 2026-04-07T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00513
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0818
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0818
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0818
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2433720
reference_id 2433720
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2433720
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-07
reference_id mfsa2026-07
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-07
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-07/
reference_id mfsa2026-07
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T16:50:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-07/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-08
reference_id mfsa2026-08
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-08
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-08/
reference_id mfsa2026-08
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T16:50:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-08/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1881530
reference_id show_bug.cgi?id=1881530
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T16:50:27Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1881530
10
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0818
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcxw-ds31-3ubd
36
url VCID-qm8f-f8nr-qba9
vulnerability_id VCID-qm8f-f8nr-qba9
summary Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0880
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05509
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05498
published_at 2026-04-16T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05534
published_at 2026-04-04T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05555
published_at 2026-04-12T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05568
published_at 2026-04-11T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05595
published_at 2026-04-09T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05571
published_at 2026-04-08T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05533
published_at 2026-04-07T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.055
published_at 2026-04-02T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05549
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0880
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428975
reference_id 2428975
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428975
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
reference_id mfsa2026-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-02/
reference_id mfsa2026-02
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-02/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
15
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
16
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
17
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
18
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
19
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
20
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
21
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
22
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
23
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
24
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
25
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
26
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
27
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
28
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
29
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
30
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
31
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
32
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
33
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
34
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
35
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
36
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
37
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2005014
reference_id show_bug.cgi?id=2005014
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2005014
39
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0880
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qm8f-f8nr-qba9
37
url VCID-qta2-8rnt-k7d1
vulnerability_id VCID-qta2-8rnt-k7d1
summary Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2788
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06265
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06295
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06306
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.0631
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06318
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06226
published_at 2026-04-02T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06276
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06232
published_at 2026-04-07T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06252
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442302
reference_id 2442302
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442302
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014824
reference_id show_bug.cgi?id=2014824
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014824
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2788
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qta2-8rnt-k7d1
38
url VCID-r7vt-w149-9bfn
vulnerability_id VCID-r7vt-w149-9bfn
summary Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2773
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.0783
published_at 2026-04-18T12:55:00Z
1
value 0.00028
scoring_system epss
scoring_elements 0.07845
published_at 2026-04-16T12:55:00Z
2
value 0.00028
scoring_system epss
scoring_elements 0.07891
published_at 2026-04-07T12:55:00Z
3
value 0.00028
scoring_system epss
scoring_elements 0.07941
published_at 2026-04-12T12:55:00Z
4
value 0.00028
scoring_system epss
scoring_elements 0.07958
published_at 2026-04-11T12:55:00Z
5
value 0.00028
scoring_system epss
scoring_elements 0.0797
published_at 2026-04-09T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.07949
published_at 2026-04-08T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.07934
published_at 2026-04-04T12:55:00Z
8
value 0.00028
scoring_system epss
scoring_elements 0.07886
published_at 2026-04-02T12:55:00Z
9
value 0.00028
scoring_system epss
scoring_elements 0.07927
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2773
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442319
reference_id 2442319
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442319
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014832
reference_id show_bug.cgi?id=2014832
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014832
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2773
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7vt-w149-9bfn
39
url VCID-sgwe-9xfj-6kav
vulnerability_id VCID-sgwe-9xfj-6kav
summary Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2783
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12003
published_at 2026-04-18T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12007
published_at 2026-04-16T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12068
published_at 2026-04-07T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12208
published_at 2026-04-11T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.122
published_at 2026-04-09T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.12149
published_at 2026-04-08T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.12269
published_at 2026-04-04T12:55:00Z
7
value 0.0004
scoring_system epss
scoring_elements 0.12224
published_at 2026-04-02T12:55:00Z
8
value 0.0004
scoring_system epss
scoring_elements 0.12136
published_at 2026-04-13T12:55:00Z
9
value 0.0004
scoring_system epss
scoring_elements 0.12171
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2783
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442300
reference_id 2442300
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442300
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2010943
reference_id show_bug.cgi?id=2010943
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2010943
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2783
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sgwe-9xfj-6kav
40
url VCID-ss9j-7jd7-nbf1
vulnerability_id VCID-ss9j-7jd7-nbf1
summary Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2770
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15283
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15276
published_at 2026-04-16T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15358
published_at 2026-04-13T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-12T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15461
published_at 2026-04-11T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15489
published_at 2026-04-02T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15497
published_at 2026-04-09T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15447
published_at 2026-04-08T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.1536
published_at 2026-04-07T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.1556
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2770
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442343
reference_id 2442343
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442343
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014585
reference_id show_bug.cgi?id=2014585
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014585
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2770
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss9j-7jd7-nbf1
41
url VCID-t2c3-smqc-zkba
vulnerability_id VCID-t2c3-smqc-zkba
summary Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0877
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06278
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0633
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06335
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06302
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06257
published_at 2026-04-07T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06261
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06318
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0877
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428969
reference_id 2428969
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428969
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
reference_id mfsa2026-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-02
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-02/
reference_id mfsa2026-02
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-02/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
15
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
16
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
17
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
18
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
19
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
20
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
21
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
22
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
23
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
24
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
25
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
26
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
27
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
28
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
29
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
30
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
31
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
32
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
33
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
34
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
35
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
36
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
37
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1999257
reference_id show_bug.cgi?id=1999257
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1999257
39
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0877
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t2c3-smqc-zkba
42
url VCID-te1e-sjsk-bfd8
vulnerability_id VCID-te1e-sjsk-bfd8
summary Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2768
reference_id
reference_type
scores
0
value 0.00097
scoring_system epss
scoring_elements 0.26746
published_at 2026-04-18T12:55:00Z
1
value 0.00097
scoring_system epss
scoring_elements 0.26774
published_at 2026-04-16T12:55:00Z
2
value 0.00097
scoring_system epss
scoring_elements 0.2675
published_at 2026-04-07T12:55:00Z
3
value 0.00097
scoring_system epss
scoring_elements 0.26869
published_at 2026-04-11T12:55:00Z
4
value 0.00097
scoring_system epss
scoring_elements 0.26866
published_at 2026-04-09T12:55:00Z
5
value 0.00097
scoring_system epss
scoring_elements 0.26818
published_at 2026-04-08T12:55:00Z
6
value 0.00097
scoring_system epss
scoring_elements 0.2696
published_at 2026-04-04T12:55:00Z
7
value 0.00097
scoring_system epss
scoring_elements 0.26923
published_at 2026-04-02T12:55:00Z
8
value 0.00097
scoring_system epss
scoring_elements 0.26767
published_at 2026-04-13T12:55:00Z
9
value 0.00097
scoring_system epss
scoring_elements 0.26824
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2768
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442298
reference_id 2442298
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442298
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014101
reference_id show_bug.cgi?id=2014101
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014101
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2768
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-te1e-sjsk-bfd8
43
url VCID-ud33-vgxh-8khj
vulnerability_id VCID-ud33-vgxh-8khj
summary Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2766
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.0615
published_at 2026-04-18T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06138
published_at 2026-04-16T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06121
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06192
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06201
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06164
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06137
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06107
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06179
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06187
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2766
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442294
reference_id 2442294
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442294
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013583
reference_id show_bug.cgi?id=2013583
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013583
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2766
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ud33-vgxh-8khj
44
url VCID-vszp-vyxy-f7g7
vulnerability_id VCID-vszp-vyxy-f7g7
summary Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2781
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15283
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15276
published_at 2026-04-16T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.1536
published_at 2026-04-07T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15461
published_at 2026-04-11T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15497
published_at 2026-04-09T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15447
published_at 2026-04-08T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.1556
published_at 2026-04-04T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15489
published_at 2026-04-02T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.15358
published_at 2026-04-13T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2781
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442292
reference_id 2442292
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442292
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2009552
reference_id show_bug.cgi?id=2009552
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2009552
39
reference_url https://usn.ubuntu.com/8071-1/
reference_id USN-8071-1
reference_type
scores
url https://usn.ubuntu.com/8071-1/
40
reference_url https://usn.ubuntu.com/8071-2/
reference_id USN-8071-2
reference_type
scores
url https://usn.ubuntu.com/8071-2/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2781
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vszp-vyxy-f7g7
45
url VCID-w4u8-25rz-gqeq
vulnerability_id VCID-w4u8-25rz-gqeq
summary Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2782
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.15727
published_at 2026-04-18T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.15717
published_at 2026-04-16T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.15778
published_at 2026-04-07T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15901
published_at 2026-04-11T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15926
published_at 2026-04-09T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15864
published_at 2026-04-08T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15979
published_at 2026-04-04T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.15917
published_at 2026-04-02T12:55:00Z
8
value 0.00051
scoring_system epss
scoring_elements 0.15795
published_at 2026-04-13T12:55:00Z
9
value 0.00051
scoring_system epss
scoring_elements 0.15863
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2782
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442331
reference_id 2442331
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442331
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2010743
reference_id show_bug.cgi?id=2010743
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2010743
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2782
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w4u8-25rz-gqeq
46
url VCID-wagm-cq36-k7g3
vulnerability_id VCID-wagm-cq36-k7g3
summary Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2760
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23109
published_at 2026-04-18T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23116
published_at 2026-04-16T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23102
published_at 2026-04-13T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.2316
published_at 2026-04-12T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23197
published_at 2026-04-11T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.23216
published_at 2026-04-02T12:55:00Z
6
value 0.00078
scoring_system epss
scoring_elements 0.23176
published_at 2026-04-09T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.23123
published_at 2026-04-08T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.2305
published_at 2026-04-07T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23259
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2760
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442325
reference_id 2442325
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442325
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2011062
reference_id show_bug.cgi?id=2011062
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2011062
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2760
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wagm-cq36-k7g3
47
url VCID-wwdh-xmux-3qdq
vulnerability_id VCID-wwdh-xmux-3qdq
summary Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2759
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20418
published_at 2026-04-18T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20428
published_at 2026-04-13T12:55:00Z
2
value 0.00066
scoring_system epss
scoring_elements 0.20483
published_at 2026-04-12T12:55:00Z
3
value 0.00066
scoring_system epss
scoring_elements 0.20528
published_at 2026-04-11T12:55:00Z
4
value 0.00066
scoring_system epss
scoring_elements 0.20504
published_at 2026-04-09T12:55:00Z
5
value 0.00066
scoring_system epss
scoring_elements 0.20579
published_at 2026-04-02T12:55:00Z
6
value 0.00066
scoring_system epss
scoring_elements 0.20447
published_at 2026-04-08T12:55:00Z
7
value 0.00066
scoring_system epss
scoring_elements 0.20366
published_at 2026-04-07T12:55:00Z
8
value 0.00066
scoring_system epss
scoring_elements 0.20638
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2759
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442307
reference_id 2442307
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442307
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2010933
reference_id show_bug.cgi?id=2010933
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2010933
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2759
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwdh-xmux-3qdq
48
url VCID-wwkc-4c69-cbea
vulnerability_id VCID-wwkc-4c69-cbea
summary Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2784
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19491
published_at 2026-04-18T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19483
published_at 2026-04-16T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19488
published_at 2026-04-07T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19624
published_at 2026-04-11T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.1962
published_at 2026-04-09T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19567
published_at 2026-04-08T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19764
published_at 2026-04-04T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19714
published_at 2026-04-02T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19517
published_at 2026-04-13T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19575
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2784
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442304
reference_id 2442304
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442304
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
13
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
14
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
15
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
16
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
17
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
18
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
19
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
20
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
21
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
22
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
23
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
24
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
25
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
26
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
27
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
28
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
29
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
30
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
31
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
32
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
33
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
34
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
35
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
36
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
37
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2012984
reference_id show_bug.cgi?id=2012984
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2012984
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2784
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwkc-4c69-cbea
49
url VCID-xcbn-tkgg-4ben
vulnerability_id VCID-xcbn-tkgg-4ben
summary Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2772
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15283
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15276
published_at 2026-04-16T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15358
published_at 2026-04-13T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-12T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15461
published_at 2026-04-11T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15489
published_at 2026-04-02T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15497
published_at 2026-04-09T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15447
published_at 2026-04-08T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.1536
published_at 2026-04-07T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.1556
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2772
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442326
reference_id 2442326
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442326
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
reference_id mfsa2026-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-14
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-14/
reference_id mfsa2026-14
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-14/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
reference_id mfsa2026-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-15
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-15/
reference_id mfsa2026-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-15/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
reference_id mfsa2026-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-17
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-17/
reference_id mfsa2026-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-17/
15
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
16
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
17
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
18
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
19
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
20
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
21
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
22
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
23
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
24
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
25
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
26
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
27
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
28
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
29
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
30
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
31
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
32
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
33
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
34
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
35
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
36
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
37
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
38
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
39
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014827
reference_id show_bug.cgi?id=2014827
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014827
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-2772
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xcbn-tkgg-4ben
50
url VCID-zdxh-fp2e-47dd
vulnerability_id VCID-zdxh-fp2e-47dd
summary Information disclosure in the Networking component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0883
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03043
published_at 2026-04-18T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03034
published_at 2026-04-16T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03101
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03094
published_at 2026-04-11T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03131
published_at 2026-04-09T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03106
published_at 2026-04-08T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.031
published_at 2026-04-04T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03087
published_at 2026-04-02T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03057
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03069
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2428968
reference_id 2428968
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2428968
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
reference_id mfsa2026-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-01/
reference_id mfsa2026-01
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
reference_id mfsa2026-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-03/
reference_id mfsa2026-03
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-03/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
reference_id mfsa2026-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-04
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-04/
reference_id mfsa2026-04
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-04/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
reference_id mfsa2026-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-05
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-05/
reference_id mfsa2026-05
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-05/
13
reference_url https://access.redhat.com/errata/RHSA-2026:0667
reference_id RHSA-2026:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0667
14
reference_url https://access.redhat.com/errata/RHSA-2026:0694
reference_id RHSA-2026:0694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0694
15
reference_url https://access.redhat.com/errata/RHSA-2026:0924
reference_id RHSA-2026:0924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0924
16
reference_url https://access.redhat.com/errata/RHSA-2026:1320
reference_id RHSA-2026:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1320
17
reference_url https://access.redhat.com/errata/RHSA-2026:1413
reference_id RHSA-2026:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1413
18
reference_url https://access.redhat.com/errata/RHSA-2026:1414
reference_id RHSA-2026:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1414
19
reference_url https://access.redhat.com/errata/RHSA-2026:1415
reference_id RHSA-2026:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1415
20
reference_url https://access.redhat.com/errata/RHSA-2026:1461
reference_id RHSA-2026:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1461
21
reference_url https://access.redhat.com/errata/RHSA-2026:1462
reference_id RHSA-2026:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1462
22
reference_url https://access.redhat.com/errata/RHSA-2026:1471
reference_id RHSA-2026:1471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1471
23
reference_url https://access.redhat.com/errata/RHSA-2026:1487
reference_id RHSA-2026:1487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1487
24
reference_url https://access.redhat.com/errata/RHSA-2026:2041
reference_id RHSA-2026:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2041
25
reference_url https://access.redhat.com/errata/RHSA-2026:2043
reference_id RHSA-2026:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2043
26
reference_url https://access.redhat.com/errata/RHSA-2026:2044
reference_id RHSA-2026:2044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2044
27
reference_url https://access.redhat.com/errata/RHSA-2026:2047
reference_id RHSA-2026:2047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2047
28
reference_url https://access.redhat.com/errata/RHSA-2026:2069
reference_id RHSA-2026:2069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2069
29
reference_url https://access.redhat.com/errata/RHSA-2026:2070
reference_id RHSA-2026:2070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2070
30
reference_url https://access.redhat.com/errata/RHSA-2026:2073
reference_id RHSA-2026:2073
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2073
31
reference_url https://access.redhat.com/errata/RHSA-2026:2074
reference_id RHSA-2026:2074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2074
32
reference_url https://access.redhat.com/errata/RHSA-2026:2220
reference_id RHSA-2026:2220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2220
33
reference_url https://access.redhat.com/errata/RHSA-2026:2231
reference_id RHSA-2026:2231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2231
34
reference_url https://access.redhat.com/errata/RHSA-2026:2271
reference_id RHSA-2026:2271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2271
35
reference_url https://access.redhat.com/errata/RHSA-2026:2286
reference_id RHSA-2026:2286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2286
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1989340
reference_id show_bug.cgi?id=1989340
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1989340
37
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13he-qsr4-h3d4
1
vulnerability VCID-15j8-br8z-juf3
2
vulnerability VCID-1fv1-edht-ufag
3
vulnerability VCID-23eu-22t2-cydd
4
vulnerability VCID-26d3-ctnj-7kbh
5
vulnerability VCID-289s-f2w6-53g9
6
vulnerability VCID-351y-4nek-u3aw
7
vulnerability VCID-3grf-hwk1-3fh8
8
vulnerability VCID-3kd3-hwzv-efbn
9
vulnerability VCID-3xgu-7evz-mffw
10
vulnerability VCID-4q6w-tdk9-d3an
11
vulnerability VCID-5dw5-vpt8-zqbz
12
vulnerability VCID-646f-ndeq-5bee
13
vulnerability VCID-675n-7uzz-pqdj
14
vulnerability VCID-6mur-mtfg-97gt
15
vulnerability VCID-77y6-jskt-qucb
16
vulnerability VCID-8qyy-e4jt-rbc4
17
vulnerability VCID-8vka-qus2-tbhj
18
vulnerability VCID-8xek-k5y2-6bfp
19
vulnerability VCID-9ag7-z86d-nba9
20
vulnerability VCID-b4bq-q3ga-3ff1
21
vulnerability VCID-b6sf-z5tm-4uau
22
vulnerability VCID-e2k8-m9sm-8uek
23
vulnerability VCID-ft6u-geds-fua9
24
vulnerability VCID-gkva-6cu9-7keg
25
vulnerability VCID-hshc-4xnc-gug4
26
vulnerability VCID-hstd-23qm-bqdg
27
vulnerability VCID-j1hb-8jjy-tqgq
28
vulnerability VCID-kuwd-6tcg-fuha
29
vulnerability VCID-m6uv-91wz-xfdv
30
vulnerability VCID-mm6w-kpe8-4kg3
31
vulnerability VCID-nvsz-9s3r-nbhq
32
vulnerability VCID-qbzp-euvv-q7c7
33
vulnerability VCID-qkks-24cp-gqg2
34
vulnerability VCID-rp5h-ym8y-skbw
35
vulnerability VCID-t4t3-5pt5-ayds
36
vulnerability VCID-u3j3-fc4f-7ff7
37
vulnerability VCID-wmyy-2cg3-wyhc
38
vulnerability VCID-wqw2-gjvu-6qbu
39
vulnerability VCID-wvx2-pba2-sqha
40
vulnerability VCID-yjc2-2whn-uug5
41
vulnerability VCID-ymak-rv52-h7a5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1
aliases CVE-2026-0883
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdxh-fp2e-47dd
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1