Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
Typedeb
Namespacedebian
Namethunderbird
Version1:140.9.0esr-1~deb12u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1:140.9.1esr-1
Latest_non_vulnerable_version1:140.9.1esr-1
Affected_by_vulnerabilities
0
url VCID-5dw5-vpt8-zqbz
vulnerability_id VCID-5dw5-vpt8-zqbz
summary Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5731
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17176
published_at 2026-04-12T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17223
published_at 2026-04-11T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17244
published_at 2026-04-09T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.17187
published_at 2026-04-08T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20048
published_at 2026-04-24T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20168
published_at 2026-04-18T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20167
published_at 2026-04-21T12:55:00Z
7
value 0.00072
scoring_system epss
scoring_elements 0.21869
published_at 2026-04-16T12:55:00Z
8
value 0.00072
scoring_system epss
scoring_elements 0.21867
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5731
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455901
reference_id 2455901
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455901
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-26
reference_id mfsa2026-26
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-26
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-26/
reference_id mfsa2026-26
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-26/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
15
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
16
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
17
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
18
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
19
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
20
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
aliases CVE-2026-5731
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dw5-vpt8-zqbz
1
url VCID-9ag7-z86d-nba9
vulnerability_id VCID-9ag7-z86d-nba9
summary Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5734
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13903
published_at 2026-04-08T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13955
published_at 2026-04-09T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13912
published_at 2026-04-11T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13876
published_at 2026-04-12T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18602
published_at 2026-04-13T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18471
published_at 2026-04-24T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18576
published_at 2026-04-21T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18556
published_at 2026-04-18T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18547
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5734
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455897
reference_id 2455897
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455897
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
reference_id buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
14
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
15
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
16
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
17
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
18
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
19
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
aliases CVE-2026-5734
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ag7-z86d-nba9
2
url VCID-qbzp-euvv-q7c7
vulnerability_id VCID-qbzp-euvv-q7c7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5732
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.1175
published_at 2026-04-12T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11789
published_at 2026-04-11T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11778
published_at 2026-04-09T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11723
published_at 2026-04-08T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12862
published_at 2026-04-24T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.12835
published_at 2026-04-13T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12738
published_at 2026-04-16T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12742
published_at 2026-04-18T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12843
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5732
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455908
reference_id 2455908
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455908
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
13
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
14
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
15
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
16
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
17
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
18
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
19
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
reference_id show_bug.cgi?id=2017867
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
aliases CVE-2026-5732
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbzp-euvv-q7c7
Fixing_vulnerabilities
0
url VCID-13he-qsr4-h3d4
vulnerability_id VCID-13he-qsr4-h3d4
summary Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4709
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06454
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06438
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0629
published_at 2026-04-18T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06339
published_at 2026-04-13T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0635
published_at 2026-04-12T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06266
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06355
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06362
published_at 2026-04-09T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06322
published_at 2026-04-08T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06276
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.063
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4709
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450726
reference_id 2450726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450726
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016329
reference_id show_bug.cgi?id=2016329
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016329
41
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016342
reference_id show_bug.cgi?id=2016342
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016342
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4709
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-13he-qsr4-h3d4
1
url VCID-15j8-br8z-juf3
vulnerability_id VCID-15j8-br8z-juf3
summary Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3889.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3889.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3889
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07517
published_at 2026-04-24T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07542
published_at 2026-04-11T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.0746
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07518
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07541
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07437
published_at 2026-04-16T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07556
published_at 2026-04-21T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07427
published_at 2026-04-18T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07515
published_at 2026-04-13T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07528
published_at 2026-04-12T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07479
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3889
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3889
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3889
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451006
reference_id 2451006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451006
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
9
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
10
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
11
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
12
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
13
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
14
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
15
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
16
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
17
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
18
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
19
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
20
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
21
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020723
reference_id show_bug.cgi?id=2020723
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020723
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-3889
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15j8-br8z-juf3
2
url VCID-1fv1-edht-ufag
vulnerability_id VCID-1fv1-edht-ufag
summary Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4715
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4715
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450723
reference_id 2450723
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450723
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018405
reference_id show_bug.cgi?id=2018405
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018405
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4715
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fv1-edht-ufag
3
url VCID-23eu-22t2-cydd
vulnerability_id VCID-23eu-22t2-cydd
summary Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4714
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4714
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450725
reference_id 2450725
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450725
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018126
reference_id show_bug.cgi?id=2018126
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018126
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4714
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-23eu-22t2-cydd
4
url VCID-26d3-ctnj-7kbh
vulnerability_id VCID-26d3-ctnj-7kbh
summary Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4691
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10166
published_at 2026-04-24T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.10185
published_at 2026-04-21T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10092
published_at 2026-04-07T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10223
published_at 2026-04-12T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10264
published_at 2026-04-11T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10228
published_at 2026-04-09T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10167
published_at 2026-04-08T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10196
published_at 2026-04-04T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10131
published_at 2026-04-02T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10054
published_at 2026-04-18T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10076
published_at 2026-04-16T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10204
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4691
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450738
reference_id 2450738
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450738
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017512
reference_id show_bug.cgi?id=2017512
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017512
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4691
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26d3-ctnj-7kbh
5
url VCID-289s-f2w6-53g9
vulnerability_id VCID-289s-f2w6-53g9
summary Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4716
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4716
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450720
reference_id 2450720
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450720
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018592
reference_id show_bug.cgi?id=2018592
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018592
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4716
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-289s-f2w6-53g9
6
url VCID-351y-4nek-u3aw
vulnerability_id VCID-351y-4nek-u3aw
summary JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4698
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07468
published_at 2026-04-07T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07449
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07524
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07537
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07551
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07549
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-08T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07487
published_at 2026-04-04T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07448
published_at 2026-04-02T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07439
published_at 2026-04-18T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12871
published_at 2026-04-24T12:55:00Z
11
value 0.00042
scoring_system epss
scoring_elements 0.12851
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4698
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450719
reference_id 2450719
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450719
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020906
reference_id show_bug.cgi?id=2020906
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020906
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4698
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-351y-4nek-u3aw
7
url VCID-3grf-hwk1-3fh8
vulnerability_id VCID-3grf-hwk1-3fh8
summary Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4719
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4719
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450746
reference_id 2450746
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450746
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016367
reference_id show_bug.cgi?id=2016367
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016367
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4719
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3grf-hwk1-3fh8
8
url VCID-3kd3-hwzv-efbn
vulnerability_id VCID-3kd3-hwzv-efbn
summary Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4721
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06352
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06333
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06155
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06223
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06228
published_at 2026-04-11T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06237
published_at 2026-04-09T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06198
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06172
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06141
published_at 2026-04-02T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06184
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06213
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4721
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450711
reference_id 2450711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450711
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
reference_id buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
15
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
16
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
17
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
18
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
19
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
20
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
21
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
22
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
23
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
24
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
25
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
26
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
27
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
28
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
29
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
30
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
31
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
32
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
33
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
34
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
35
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
36
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
37
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
38
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
39
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
40
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4721
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kd3-hwzv-efbn
9
url VCID-3xgu-7evz-mffw
vulnerability_id VCID-3xgu-7evz-mffw
summary Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4705
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05769
published_at 2026-04-24T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05737
published_at 2026-04-21T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05592
published_at 2026-04-07T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05629
published_at 2026-04-11T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05656
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.0563
published_at 2026-04-08T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05594
published_at 2026-04-04T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05557
published_at 2026-04-02T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05579
published_at 2026-04-18T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05565
published_at 2026-04-16T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05614
published_at 2026-04-13T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.0562
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4705
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450722
reference_id 2450722
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450722
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014873
reference_id show_bug.cgi?id=2014873
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014873
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4705
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xgu-7evz-mffw
10
url VCID-4q6w-tdk9-d3an
vulnerability_id VCID-4q6w-tdk9-d3an
summary Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4720
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4720
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450751
reference_id 2450751
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450751
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
reference_id buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
14
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
15
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
16
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
17
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
18
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
19
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
20
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
21
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
22
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
23
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
24
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
25
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
26
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
27
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
28
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
29
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
30
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
31
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
32
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
33
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
34
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
35
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
36
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
37
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
38
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4720
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4q6w-tdk9-d3an
11
url VCID-646f-ndeq-5bee
vulnerability_id VCID-646f-ndeq-5bee
summary Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4687
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06559
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06543
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06376
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06454
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06461
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06468
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06425
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06388
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06357
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06385
published_at 2026-04-16T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06444
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4687
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450757
reference_id 2450757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450757
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016368
reference_id show_bug.cgi?id=2016368
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016368
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4687
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-646f-ndeq-5bee
12
url VCID-675n-7uzz-pqdj
vulnerability_id VCID-675n-7uzz-pqdj
summary Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4688
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05555
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05519
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05385
published_at 2026-04-04T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05422
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05449
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05426
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05392
published_at 2026-04-07T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05355
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-18T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05354
published_at 2026-04-16T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05401
published_at 2026-04-13T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05409
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4688
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450713
reference_id 2450713
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450713
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016373
reference_id show_bug.cgi?id=2016373
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016373
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4688
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-675n-7uzz-pqdj
13
url VCID-6mur-mtfg-97gt
vulnerability_id VCID-6mur-mtfg-97gt
summary A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4371.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4371.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4371
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17458
published_at 2026-04-24T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.1749
published_at 2026-04-07T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17579
published_at 2026-04-08T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.1764
published_at 2026-04-09T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17659
published_at 2026-04-11T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17612
published_at 2026-04-12T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.1756
published_at 2026-04-13T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17505
published_at 2026-04-16T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17514
published_at 2026-04-18T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.17548
published_at 2026-04-21T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17716
published_at 2026-04-02T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17763
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4371
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4371
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4371
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451001
reference_id 2451001
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451001
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
9
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
10
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
11
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
12
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
13
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
14
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
15
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
16
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
17
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
18
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
19
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
20
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
21
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2023493
reference_id show_bug.cgi?id=2023493
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2023493
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4371
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6mur-mtfg-97gt
14
url VCID-77y6-jskt-qucb
vulnerability_id VCID-77y6-jskt-qucb
summary libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59375
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12206
published_at 2026-04-21T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.15184
published_at 2026-04-24T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.15811
published_at 2026-04-02T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15663
published_at 2026-04-07T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15748
published_at 2026-04-08T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15871
published_at 2026-04-04T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15808
published_at 2026-04-09T12:55:00Z
7
value 0.00058
scoring_system epss
scoring_elements 0.18164
published_at 2026-04-13T12:55:00Z
8
value 0.00058
scoring_system epss
scoring_elements 0.18121
published_at 2026-04-18T12:55:00Z
9
value 0.00058
scoring_system epss
scoring_elements 0.18108
published_at 2026-04-16T12:55:00Z
10
value 0.00058
scoring_system epss
scoring_elements 0.18262
published_at 2026-04-11T12:55:00Z
11
value 0.00058
scoring_system epss
scoring_elements 0.18215
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59375
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/libexpat/libexpat/issues/1018
reference_id 1018
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/issues/1018
5
reference_url https://github.com/libexpat/libexpat/pull/1034
reference_id 1034
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/pull/1034
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298
reference_id 1115298
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395108
reference_id 2395108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395108
8
reference_url https://issues.oss-fuzz.com/issues/439133977
reference_id 439133977
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://issues.oss-fuzz.com/issues/439133977
9
reference_url https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
reference_id Changes
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
10
reference_url https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
reference_id Changes#L45-L74
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
15
reference_url https://access.redhat.com/errata/RHSA-2025:19020
reference_id RHSA-2025:19020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19020
16
reference_url https://access.redhat.com/errata/RHSA-2025:19403
reference_id RHSA-2025:19403
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19403
17
reference_url https://access.redhat.com/errata/RHSA-2025:21030
reference_id RHSA-2025:21030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21030
18
reference_url https://access.redhat.com/errata/RHSA-2025:21773
reference_id RHSA-2025:21773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21773
19
reference_url https://access.redhat.com/errata/RHSA-2025:21776
reference_id RHSA-2025:21776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21776
20
reference_url https://access.redhat.com/errata/RHSA-2025:21974
reference_id RHSA-2025:21974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21974
21
reference_url https://access.redhat.com/errata/RHSA-2025:22033
reference_id RHSA-2025:22033
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22033
22
reference_url https://access.redhat.com/errata/RHSA-2025:22034
reference_id RHSA-2025:22034
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22034
23
reference_url https://access.redhat.com/errata/RHSA-2025:22035
reference_id RHSA-2025:22035
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22035
24
reference_url https://access.redhat.com/errata/RHSA-2025:22175
reference_id RHSA-2025:22175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22175
25
reference_url https://access.redhat.com/errata/RHSA-2025:22607
reference_id RHSA-2025:22607
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22607
26
reference_url https://access.redhat.com/errata/RHSA-2025:22618
reference_id RHSA-2025:22618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22618
27
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
28
reference_url https://access.redhat.com/errata/RHSA-2025:22842
reference_id RHSA-2025:22842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22842
29
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
30
reference_url https://access.redhat.com/errata/RHSA-2025:22935
reference_id RHSA-2025:22935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22935
31
reference_url https://access.redhat.com/errata/RHSA-2025:23078
reference_id RHSA-2025:23078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23078
32
reference_url https://access.redhat.com/errata/RHSA-2025:23079
reference_id RHSA-2025:23079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23079
33
reference_url https://access.redhat.com/errata/RHSA-2025:23080
reference_id RHSA-2025:23080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23080
34
reference_url https://access.redhat.com/errata/RHSA-2025:23202
reference_id RHSA-2025:23202
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23202
35
reference_url https://access.redhat.com/errata/RHSA-2025:23204
reference_id RHSA-2025:23204
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23204
36
reference_url https://access.redhat.com/errata/RHSA-2025:23205
reference_id RHSA-2025:23205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23205
37
reference_url https://access.redhat.com/errata/RHSA-2025:23209
reference_id RHSA-2025:23209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23209
38
reference_url https://access.redhat.com/errata/RHSA-2025:23227
reference_id RHSA-2025:23227
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23227
39
reference_url https://access.redhat.com/errata/RHSA-2025:23248
reference_id RHSA-2025:23248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23248
40
reference_url https://access.redhat.com/errata/RHSA-2025:23449
reference_id RHSA-2025:23449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23449
41
reference_url https://access.redhat.com/errata/RHSA-2025:23550
reference_id RHSA-2025:23550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23550
42
reference_url https://access.redhat.com/errata/RHSA-2026:0001
reference_id RHSA-2026:0001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0001
43
reference_url https://access.redhat.com/errata/RHSA-2026:0076
reference_id RHSA-2026:0076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0076
44
reference_url https://access.redhat.com/errata/RHSA-2026:0077
reference_id RHSA-2026:0077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0077
45
reference_url https://access.redhat.com/errata/RHSA-2026:0078
reference_id RHSA-2026:0078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0078
46
reference_url https://access.redhat.com/errata/RHSA-2026:0326
reference_id RHSA-2026:0326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0326
47
reference_url https://access.redhat.com/errata/RHSA-2026:0332
reference_id RHSA-2026:0332
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0332
48
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
49
reference_url https://access.redhat.com/errata/RHSA-2026:0420
reference_id RHSA-2026:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0420
50
reference_url https://access.redhat.com/errata/RHSA-2026:0518
reference_id RHSA-2026:0518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0518
51
reference_url https://access.redhat.com/errata/RHSA-2026:0674
reference_id RHSA-2026:0674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0674
52
reference_url https://access.redhat.com/errata/RHSA-2026:0677
reference_id RHSA-2026:0677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0677
53
reference_url https://access.redhat.com/errata/RHSA-2026:0702
reference_id RHSA-2026:0702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0702
54
reference_url https://access.redhat.com/errata/RHSA-2026:0934
reference_id RHSA-2026:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0934
55
reference_url https://access.redhat.com/errata/RHSA-2026:0996
reference_id RHSA-2026:0996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0996
56
reference_url https://access.redhat.com/errata/RHSA-2026:1541
reference_id RHSA-2026:1541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1541
57
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
58
reference_url https://access.redhat.com/errata/RHSA-2026:3407
reference_id RHSA-2026:3407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3407
59
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
60
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
61
reference_url https://access.redhat.com/errata/RHSA-2026:5396
reference_id RHSA-2026:5396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5396
62
reference_url https://usn.ubuntu.com/8022-1/
reference_id USN-8022-1
reference_type
scores
url https://usn.ubuntu.com/8022-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2025-59375
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77y6-jskt-qucb
15
url VCID-8qyy-e4jt-rbc4
vulnerability_id VCID-8qyy-e4jt-rbc4
summary Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4695
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05291
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05256
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4695
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450715
reference_id 2450715
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450715
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020030
reference_id show_bug.cgi?id=2020030
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020030
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4695
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qyy-e4jt-rbc4
16
url VCID-8vka-qus2-tbhj
vulnerability_id VCID-8vka-qus2-tbhj
summary Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2447
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03974
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03897
published_at 2026-04-07T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-08T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03927
published_at 2026-04-09T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03896
published_at 2026-04-11T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03877
published_at 2026-04-12T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.0385
published_at 2026-04-13T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03829
published_at 2026-04-16T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03839
published_at 2026-04-18T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03958
published_at 2026-04-21T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03874
published_at 2026-04-02T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.03884
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2447
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
reference_id 1128283
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440219
reference_id 2440219
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440219
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-10
reference_id mfsa2026-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-10
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-10/
reference_id mfsa2026-10
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-10/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-11
reference_id mfsa2026-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-11
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-11/
reference_id mfsa2026-11
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-11/
10
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
11
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
12
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
13
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
14
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
15
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
16
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
17
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
18
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
19
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
20
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
21
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
22
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
23
reference_url https://access.redhat.com/errata/RHSA-2026:3967
reference_id RHSA-2026:3967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3967
24
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
25
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
26
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
27
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
28
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
29
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
30
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
31
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
32
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
33
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
34
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
35
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
36
reference_url https://access.redhat.com/errata/RHSA-2026:4447
reference_id RHSA-2026:4447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4447
37
reference_url https://access.redhat.com/errata/RHSA-2026:4629
reference_id RHSA-2026:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4629
38
reference_url https://access.redhat.com/errata/RHSA-2026:5227
reference_id RHSA-2026:5227
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5227
39
reference_url https://access.redhat.com/errata/RHSA-2026:5228
reference_id RHSA-2026:5228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5228
40
reference_url https://access.redhat.com/errata/RHSA-2026:5229
reference_id RHSA-2026:5229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5229
41
reference_url https://access.redhat.com/errata/RHSA-2026:5230
reference_id RHSA-2026:5230
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5230
42
reference_url https://access.redhat.com/errata/RHSA-2026:5231
reference_id RHSA-2026:5231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5231
43
reference_url https://access.redhat.com/errata/RHSA-2026:5319
reference_id RHSA-2026:5319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5319
44
reference_url https://access.redhat.com/errata/RHSA-2026:5320
reference_id RHSA-2026:5320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5320
45
reference_url https://access.redhat.com/errata/RHSA-2026:5323
reference_id RHSA-2026:5323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5323
46
reference_url https://access.redhat.com/errata/RHSA-2026:5324
reference_id RHSA-2026:5324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5324
47
reference_url https://access.redhat.com/errata/RHSA-2026:5326
reference_id RHSA-2026:5326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5326
48
reference_url https://access.redhat.com/errata/RHSA-2026:8746
reference_id RHSA-2026:8746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8746
49
reference_url https://access.redhat.com/errata/RHSA-2026:8747
reference_id RHSA-2026:8747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8747
50
reference_url https://access.redhat.com/errata/RHSA-2026:8748
reference_id RHSA-2026:8748
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8748
51
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014390
reference_id show_bug.cgi?id=2014390
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014390
52
reference_url https://usn.ubuntu.com/8053-1/
reference_id USN-8053-1
reference_type
scores
url https://usn.ubuntu.com/8053-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-2447
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vka-qus2-tbhj
17
url VCID-8xek-k5y2-6bfp
vulnerability_id VCID-8xek-k5y2-6bfp
summary Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4689
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07624
published_at 2026-04-24T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07676
published_at 2026-04-21T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07598
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07637
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0765
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07649
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07632
published_at 2026-04-08T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07573
published_at 2026-04-07T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07556
published_at 2026-04-02T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07536
published_at 2026-04-18T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07548
published_at 2026-04-16T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07623
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4689
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450718
reference_id 2450718
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450718
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016374
reference_id show_bug.cgi?id=2016374
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016374
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4689
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xek-k5y2-6bfp
18
url VCID-b4bq-q3ga-3ff1
vulnerability_id VCID-b4bq-q3ga-3ff1
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4707
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03554
published_at 2026-04-24T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03727
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4707
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450755
reference_id 2450755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450755
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015267
reference_id show_bug.cgi?id=2015267
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015267
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4707
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4bq-q3ga-3ff1
19
url VCID-b6sf-z5tm-4uau
vulnerability_id VCID-b6sf-z5tm-4uau
summary Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4696
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07529
published_at 2026-04-24T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07567
published_at 2026-04-21T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07468
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07537
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07551
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07549
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-08T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07487
published_at 2026-04-04T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07448
published_at 2026-04-02T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07439
published_at 2026-04-18T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07449
published_at 2026-04-16T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07524
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4696
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450740
reference_id 2450740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450740
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020190
reference_id show_bug.cgi?id=2020190
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020190
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4696
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6sf-z5tm-4uau
20
url VCID-e2k8-m9sm-8uek
vulnerability_id VCID-e2k8-m9sm-8uek
summary Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4699
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4699
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450739
reference_id 2450739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450739
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021863
reference_id show_bug.cgi?id=2021863
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021863
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4699
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2k8-m9sm-8uek
21
url VCID-ft6u-geds-fua9
vulnerability_id VCID-ft6u-geds-fua9
summary JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4702
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4702
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450744
reference_id 2450744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450744
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013560
reference_id show_bug.cgi?id=2013560
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013560
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4702
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft6u-geds-fua9
22
url VCID-gkva-6cu9-7keg
vulnerability_id VCID-gkva-6cu9-7keg
summary Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4692
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07112
published_at 2026-04-21T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0698
published_at 2026-04-18T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06982
published_at 2026-04-07T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07064
published_at 2026-04-12T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.07075
published_at 2026-04-24T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.07068
published_at 2026-04-09T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.07037
published_at 2026-04-08T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.07002
published_at 2026-04-04T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06948
published_at 2026-04-02T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06995
published_at 2026-04-16T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.07055
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4692
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450748
reference_id 2450748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450748
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017643
reference_id show_bug.cgi?id=2017643
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017643
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4692
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkva-6cu9-7keg
23
url VCID-hshc-4xnc-gug4
vulnerability_id VCID-hshc-4xnc-gug4
summary Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4704
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05291
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05256
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4704
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450756
reference_id 2450756
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450756
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014868
reference_id show_bug.cgi?id=2014868
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014868
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4704
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hshc-4xnc-gug4
24
url VCID-hstd-23qm-bqdg
vulnerability_id VCID-hstd-23qm-bqdg
summary Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4717
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4717
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450712
reference_id 2450712
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450712
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021695
reference_id show_bug.cgi?id=2021695
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021695
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4717
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hstd-23qm-bqdg
25
url VCID-j1hb-8jjy-tqgq
vulnerability_id VCID-j1hb-8jjy-tqgq
summary Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4693
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450741
reference_id 2450741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450741
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018102
reference_id show_bug.cgi?id=2018102
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018102
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4693
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1hb-8jjy-tqgq
26
url VCID-kuwd-6tcg-fuha
vulnerability_id VCID-kuwd-6tcg-fuha
summary Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4713
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4713
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450730
reference_id 2450730
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450730
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018113
reference_id show_bug.cgi?id=2018113
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018113
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4713
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwd-6tcg-fuha
27
url VCID-m6uv-91wz-xfdv
vulnerability_id VCID-m6uv-91wz-xfdv
summary Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4700
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06091
published_at 2026-04-24T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06069
published_at 2026-04-21T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05901
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05959
published_at 2026-04-11T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05978
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05939
published_at 2026-04-08T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.0591
published_at 2026-04-04T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05877
published_at 2026-04-02T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05916
published_at 2026-04-18T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05905
published_at 2026-04-16T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-13T12:55:00Z
11
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4700
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450752
reference_id 2450752
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450752
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2003766
reference_id show_bug.cgi?id=2003766
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2003766
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4700
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6uv-91wz-xfdv
28
url VCID-mm6w-kpe8-4kg3
vulnerability_id VCID-mm6w-kpe8-4kg3
summary Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4684
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.02935
published_at 2026-04-24T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.02941
published_at 2026-04-21T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.02853
published_at 2026-04-04T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.02835
published_at 2026-04-12T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.02854
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.02884
published_at 2026-04-09T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02863
published_at 2026-04-08T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02861
published_at 2026-04-07T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02837
published_at 2026-04-02T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.02825
published_at 2026-04-18T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.02814
published_at 2026-04-16T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.0283
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4684
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450721
reference_id 2450721
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450721
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2011129
reference_id show_bug.cgi?id=2011129
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2011129
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4684
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mm6w-kpe8-4kg3
29
url VCID-nvsz-9s3r-nbhq
vulnerability_id VCID-nvsz-9s3r-nbhq
summary Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4718
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01768
published_at 2026-04-24T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01757
published_at 2026-04-21T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01692
published_at 2026-04-04T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01686
published_at 2026-04-11T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01701
published_at 2026-04-09T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01693
published_at 2026-04-08T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01691
published_at 2026-04-07T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01683
published_at 2026-04-02T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01668
published_at 2026-04-18T12:55:00Z
9
value 0.00012
scoring_system epss
scoring_elements 0.01665
published_at 2026-04-16T12:55:00Z
10
value 0.00012
scoring_system epss
scoring_elements 0.01676
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4718
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450742
reference_id 2450742
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450742
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014864
reference_id show_bug.cgi?id=2014864
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014864
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4718
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvsz-9s3r-nbhq
30
url VCID-qkks-24cp-gqg2
vulnerability_id VCID-qkks-24cp-gqg2
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4706
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4706
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450714
reference_id 2450714
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450714
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015091
reference_id show_bug.cgi?id=2015091
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015091
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4706
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkks-24cp-gqg2
31
url VCID-rp5h-ym8y-skbw
vulnerability_id VCID-rp5h-ym8y-skbw
summary Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4701
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4701
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450710
reference_id 2450710
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450710
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2009303
reference_id show_bug.cgi?id=2009303
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2009303
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4701
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp5h-ym8y-skbw
32
url VCID-t4t3-5pt5-ayds
vulnerability_id VCID-t4t3-5pt5-ayds
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4685
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4685
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450724
reference_id 2450724
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450724
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016349
reference_id show_bug.cgi?id=2016349
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016349
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4685
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t3-5pt5-ayds
33
url VCID-u3j3-fc4f-7ff7
vulnerability_id VCID-u3j3-fc4f-7ff7
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4686
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4686
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450734
reference_id 2450734
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450734
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016351
reference_id show_bug.cgi?id=2016351
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016351
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4686
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3j3-fc4f-7ff7
34
url VCID-wmyy-2cg3-wyhc
vulnerability_id VCID-wmyy-2cg3-wyhc
summary Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4697
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05291
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05256
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4697
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450729
reference_id 2450729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450729
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020422
reference_id show_bug.cgi?id=2020422
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020422
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4697
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wmyy-2cg3-wyhc
35
url VCID-wqw2-gjvu-6qbu
vulnerability_id VCID-wqw2-gjvu-6qbu
summary Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4690
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03055
published_at 2026-04-24T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03218
published_at 2026-04-21T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0554
published_at 2026-04-08T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05518
published_at 2026-04-13T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05525
published_at 2026-04-12T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05537
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05562
published_at 2026-04-09T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05504
published_at 2026-04-07T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05469
published_at 2026-04-16T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05479
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450732
reference_id 2450732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450732
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016375
reference_id show_bug.cgi?id=2016375
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016375
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4690
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqw2-gjvu-6qbu
36
url VCID-wvx2-pba2-sqha
vulnerability_id VCID-wvx2-pba2-sqha
summary Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4708
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4708
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450735
reference_id 2450735
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450735
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015268
reference_id show_bug.cgi?id=2015268
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015268
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4708
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvx2-pba2-sqha
37
url VCID-yjc2-2whn-uug5
vulnerability_id VCID-yjc2-2whn-uug5
summary Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4694
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05601
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05569
published_at 2026-04-21T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05434
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05448
published_at 2026-04-12T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05462
published_at 2026-04-11T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.0549
published_at 2026-04-09T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05469
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05426
published_at 2026-04-04T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05393
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.054
published_at 2026-04-18T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05442
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4694
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450747
reference_id 2450747
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450747
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018430
reference_id show_bug.cgi?id=2018430
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018430
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4694
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjc2-2whn-uug5
38
url VCID-ymak-rv52-h7a5
vulnerability_id VCID-ymak-rv52-h7a5
summary Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4710
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4710
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450727
reference_id 2450727
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450727
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016370
reference_id show_bug.cgi?id=2016370
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016370
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
aliases CVE-2026-4710
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymak-rv52-h7a5
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1