Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/firefox@140.9.0-1?arch=el10_0

Type rpm

Namespace redhat

Name firefox

Version 140.9.0-1

Qualifiers

arch	el10_0

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-13he-qsr4-h3d4

vulnerability_id

VCID-13he-qsr4-h3d4

summary

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4709

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.0629
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06339
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0635
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06355
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06362
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06266
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06322
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.063
published_at	2026-04-04T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06276
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450726
reference_id	2450726
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450726

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016329

reference_id

show_bug.cgi?id=2016329

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016329

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016342

reference_id

show_bug.cgi?id=2016342

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016342

fixed_packages

aliases

CVE-2026-4709

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-13he-qsr4-h3d4

url

VCID-1fv1-edht-ufag

vulnerability_id

VCID-1fv1-edht-ufag

summary

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4715

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4715

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450723
reference_id	2450723
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450723

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018405

reference_id

show_bug.cgi?id=2018405

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018405

fixed_packages

aliases

CVE-2026-4715

risk_score

4.1

exploitability

0.5

weighted_severity

8.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-1fv1-edht-ufag

url

VCID-23eu-22t2-cydd

vulnerability_id

VCID-23eu-22t2-cydd

summary

Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4714

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05276
published_at	2026-04-18T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05274
published_at	2026-04-16T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05324
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05349
published_at	2026-04-11T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05381
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05357
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05298
published_at	2026-04-04T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05265
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05326
published_at	2026-04-13T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05337
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4714

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450725
reference_id	2450725
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450725

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018126

reference_id

show_bug.cgi?id=2018126

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018126

fixed_packages

aliases

CVE-2026-4714

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-23eu-22t2-cydd

url

VCID-26d3-ctnj-7kbh

vulnerability_id

VCID-26d3-ctnj-7kbh

summary

Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4691

reference_id

reference_type

scores

value	0.00035
scoring_system	epss
scoring_elements	0.10054
published_at	2026-04-18T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10076
published_at	2026-04-16T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10204
published_at	2026-04-13T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10223
published_at	2026-04-12T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10264
published_at	2026-04-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10131
published_at	2026-04-02T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10228
published_at	2026-04-09T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10167
published_at	2026-04-08T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10092
published_at	2026-04-07T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10196
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450738
reference_id	2450738
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450738

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017512

reference_id

show_bug.cgi?id=2017512

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017512

fixed_packages

aliases

CVE-2026-4691

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-26d3-ctnj-7kbh

url

VCID-289s-f2w6-53g9

vulnerability_id

VCID-289s-f2w6-53g9

summary

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4716

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4716

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450720
reference_id	2450720
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450720

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018592

reference_id

show_bug.cgi?id=2018592

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018592

fixed_packages

aliases

CVE-2026-4716

risk_score

4.1

exploitability

0.5

weighted_severity

8.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-289s-f2w6-53g9

url

VCID-351y-4nek-u3aw

vulnerability_id

VCID-351y-4nek-u3aw

summary

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4698

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07439
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07449
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07524
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07537
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07551
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07448
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07549
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07527
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07468
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07487
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450719
reference_id	2450719
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450719

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020906

reference_id

show_bug.cgi?id=2020906

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020906

fixed_packages

aliases

CVE-2026-4698

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-351y-4nek-u3aw

url

VCID-3grf-hwk1-3fh8

vulnerability_id

VCID-3grf-hwk1-3fh8

summary

Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4719

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05276
published_at	2026-04-18T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05274
published_at	2026-04-16T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05324
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05349
published_at	2026-04-11T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05381
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05357
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05298
published_at	2026-04-04T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05265
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05326
published_at	2026-04-13T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05337
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450746
reference_id	2450746
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450746

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016367

reference_id

show_bug.cgi?id=2016367

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016367

fixed_packages

aliases

CVE-2026-4719

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-3grf-hwk1-3fh8

url

VCID-3kd3-hwzv-efbn

vulnerability_id

VCID-3kd3-hwzv-efbn

summary

Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4721

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06184
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06213
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06155
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06223
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06228
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06237
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06198
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06172
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06141
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450711
reference_id	2450711
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450711

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676

reference_id

buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/

url

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

fixed_packages

aliases

CVE-2026-4721

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-3kd3-hwzv-efbn

url

VCID-3xgu-7evz-mffw

vulnerability_id

VCID-3xgu-7evz-mffw

summary

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4705

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05579
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05565
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05592
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05629
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05656
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0563
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05594
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05557
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05614
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0562
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450722
reference_id	2450722
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450722

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014873

reference_id

show_bug.cgi?id=2014873

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014873

fixed_packages

aliases

CVE-2026-4705

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-3xgu-7evz-mffw

url

VCID-4q6w-tdk9-d3an

vulnerability_id

VCID-4q6w-tdk9-d3an

summary

Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4720

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450751
reference_id	2450751
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450751

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733

reference_id

buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

fixed_packages

aliases

CVE-2026-4720

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4q6w-tdk9-d3an

url

VCID-4r8e-64b6-bbbu

vulnerability_id

VCID-4r8e-64b6-bbbu

summary

Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4711

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4711

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450733
reference_id	2450733
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450733

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017002

reference_id

show_bug.cgi?id=2017002

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017002

fixed_packages

aliases

CVE-2026-4711

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4r8e-64b6-bbbu

url

VCID-646f-ndeq-5bee

vulnerability_id

VCID-646f-ndeq-5bee

summary

Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4687

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06394
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06385
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06444
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06454
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06461
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06357
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06468
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06425
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06376
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06388
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450757
reference_id	2450757
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450757

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016368

reference_id

show_bug.cgi?id=2016368

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016368

fixed_packages

aliases

CVE-2026-4687

risk_score

4.3

exploitability

0.5

weighted_severity

8.6

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-646f-ndeq-5bee

url

VCID-675n-7uzz-pqdj

vulnerability_id

VCID-675n-7uzz-pqdj

summary

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4688

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05357
published_at	2026-04-18T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05354
published_at	2026-04-16T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05385
published_at	2026-04-04T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05422
published_at	2026-04-11T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05449
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05426
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05392
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05355
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05401
published_at	2026-04-13T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05409
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450713
reference_id	2450713
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450713

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016373

reference_id

show_bug.cgi?id=2016373

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016373

fixed_packages

aliases

CVE-2026-4688

risk_score

4.3

exploitability

0.5

weighted_severity

8.6

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-675n-7uzz-pqdj

url

VCID-8qyy-e4jt-rbc4

vulnerability_id

VCID-8qyy-e4jt-rbc4

summary

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4695

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05103
published_at	2026-04-18T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05098
published_at	2026-04-16T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05164
published_at	2026-04-07T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05184
published_at	2026-04-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05214
published_at	2026-04-09T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05197
published_at	2026-04-08T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05142
published_at	2026-04-04T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05113
published_at	2026-04-02T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05154
published_at	2026-04-13T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05168
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4695

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450715
reference_id	2450715
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450715

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020030

reference_id

show_bug.cgi?id=2020030

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020030

fixed_packages

aliases

CVE-2026-4695

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-8qyy-e4jt-rbc4

url

VCID-8xek-k5y2-6bfp

vulnerability_id

VCID-8xek-k5y2-6bfp

summary

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4689

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07536
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07548
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07598
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07637
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0765
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07649
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07632
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07573
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07556
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07623
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4689

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450718
reference_id	2450718
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450718

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016374

reference_id

show_bug.cgi?id=2016374

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016374

fixed_packages

aliases

CVE-2026-4689

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-8xek-k5y2-6bfp

url

VCID-b4bq-q3ga-3ff1

vulnerability_id

VCID-b4bq-q3ga-3ff1

summary

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4707

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06294
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06343
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06354
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06359
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06269
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06366
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06326
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0628
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06303
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4707

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450755
reference_id	2450755
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450755

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2015267

reference_id

show_bug.cgi?id=2015267

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2015267

fixed_packages

aliases

CVE-2026-4707

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-b4bq-q3ga-3ff1

url

VCID-b6sf-z5tm-4uau

vulnerability_id

VCID-b6sf-z5tm-4uau

summary

Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4696

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07439
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07449
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07524
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07537
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07551
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07448
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07549
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07527
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07468
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07487
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4696

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450740
reference_id	2450740
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450740

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020190

reference_id

show_bug.cgi?id=2020190

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020190

fixed_packages

aliases

CVE-2026-4696

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-b6sf-z5tm-4uau

url

VCID-e2k8-m9sm-8uek

vulnerability_id

VCID-e2k8-m9sm-8uek

summary

Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4699

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06294
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06343
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06354
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06359
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06269
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06366
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06326
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0628
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06303
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4699

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450739
reference_id	2450739
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450739

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2021863

reference_id

show_bug.cgi?id=2021863

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2021863

fixed_packages

aliases

CVE-2026-4699

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-e2k8-m9sm-8uek

url

VCID-efvs-1tuf-guf4

vulnerability_id

VCID-efvs-1tuf-guf4

summary

Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4712

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.03461
published_at	2026-04-18T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03449
published_at	2026-04-16T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03538
published_at	2026-04-04T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03528
published_at	2026-04-11T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03572
published_at	2026-04-09T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.0355
published_at	2026-04-08T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03549
published_at	2026-04-07T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03524
published_at	2026-04-02T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03475
published_at	2026-04-13T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03499
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4712

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450728
reference_id	2450728
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450728

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017666

reference_id

show_bug.cgi?id=2017666

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017666

fixed_packages

aliases

CVE-2026-4712

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-efvs-1tuf-guf4

url

VCID-ft6u-geds-fua9

vulnerability_id

VCID-ft6u-geds-fua9

summary

JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4702

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4702

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450744
reference_id	2450744
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450744

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2013560

reference_id

show_bug.cgi?id=2013560

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2013560

fixed_packages

aliases

CVE-2026-4702

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ft6u-geds-fua9

url

VCID-gkva-6cu9-7keg

vulnerability_id

VCID-gkva-6cu9-7keg

summary

Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4692

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.0698
published_at	2026-04-18T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06995
published_at	2026-04-16T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07055
published_at	2026-04-13T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07064
published_at	2026-04-12T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07075
published_at	2026-04-11T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06948
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07068
published_at	2026-04-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07037
published_at	2026-04-08T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06982
published_at	2026-04-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07002
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450748
reference_id	2450748
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450748

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017643

reference_id

show_bug.cgi?id=2017643

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2017643

fixed_packages

aliases

CVE-2026-4692

risk_score

4.3

exploitability

0.5

weighted_severity

8.6

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-gkva-6cu9-7keg

url

VCID-hshc-4xnc-gug4

vulnerability_id

VCID-hshc-4xnc-gug4

summary

Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4704

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05103
published_at	2026-04-18T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05098
published_at	2026-04-16T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05164
published_at	2026-04-07T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05184
published_at	2026-04-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05214
published_at	2026-04-09T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05197
published_at	2026-04-08T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05142
published_at	2026-04-04T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05113
published_at	2026-04-02T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05154
published_at	2026-04-13T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05168
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4704

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450756
reference_id	2450756
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450756

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014868

reference_id

show_bug.cgi?id=2014868

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014868

fixed_packages

aliases

CVE-2026-4704

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-hshc-4xnc-gug4

url

VCID-hstd-23qm-bqdg

vulnerability_id

VCID-hstd-23qm-bqdg

summary

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4717

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450712
reference_id	2450712
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450712

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2021695

reference_id

show_bug.cgi?id=2021695

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2021695

fixed_packages

aliases

CVE-2026-4717

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-hstd-23qm-bqdg

url

VCID-j1hb-8jjy-tqgq

vulnerability_id

VCID-j1hb-8jjy-tqgq

summary

Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4693

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06294
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06343
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06354
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06359
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06269
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06366
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06326
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0628
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06303
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450741
reference_id	2450741
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450741

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018102

reference_id

show_bug.cgi?id=2018102

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018102

fixed_packages

aliases

CVE-2026-4693

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-j1hb-8jjy-tqgq

url

VCID-kuwd-6tcg-fuha

vulnerability_id

VCID-kuwd-6tcg-fuha

summary

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4713

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05276
published_at	2026-04-18T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05274
published_at	2026-04-16T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05324
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05349
published_at	2026-04-11T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05381
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05357
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05298
published_at	2026-04-04T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05265
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05326
published_at	2026-04-13T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05337
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450730
reference_id	2450730
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450730

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018113

reference_id

show_bug.cgi?id=2018113

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018113

fixed_packages

aliases

CVE-2026-4713

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwd-6tcg-fuha

url

VCID-m6uv-91wz-xfdv

vulnerability_id

VCID-m6uv-91wz-xfdv

summary

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4700

reference_id

reference_type

scores

value	0.00022
scoring_system	epss
scoring_elements	0.05916
published_at	2026-04-18T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05905
published_at	2026-04-16T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05901
published_at	2026-04-07T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05959
published_at	2026-04-11T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05978
published_at	2026-04-09T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05939
published_at	2026-04-08T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.0591
published_at	2026-04-04T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05877
published_at	2026-04-02T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.0594
published_at	2026-04-13T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.0595
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4700

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450752
reference_id	2450752
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450752

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2003766

reference_id

show_bug.cgi?id=2003766

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2003766

fixed_packages

aliases

CVE-2026-4700

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-m6uv-91wz-xfdv

url

VCID-mm6w-kpe8-4kg3

vulnerability_id

VCID-mm6w-kpe8-4kg3

summary

Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4684

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.02825
published_at	2026-04-18T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02814
published_at	2026-04-16T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02853
published_at	2026-04-04T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02835
published_at	2026-04-12T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02854
published_at	2026-04-11T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02884
published_at	2026-04-09T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02863
published_at	2026-04-08T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02861
published_at	2026-04-07T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02837
published_at	2026-04-02T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.0283
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450721
reference_id	2450721
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450721

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2011129

reference_id

show_bug.cgi?id=2011129

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2011129

fixed_packages

aliases

CVE-2026-4684

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-mm6w-kpe8-4kg3

url

VCID-nvsz-9s3r-nbhq

vulnerability_id

VCID-nvsz-9s3r-nbhq

summary

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4718

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01668
published_at	2026-04-18T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01665
published_at	2026-04-16T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01692
published_at	2026-04-04T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01686
published_at	2026-04-11T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01701
published_at	2026-04-09T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01693
published_at	2026-04-08T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01691
published_at	2026-04-07T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01683
published_at	2026-04-02T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01676
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450742
reference_id	2450742
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450742

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014864

reference_id

show_bug.cgi?id=2014864

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014864

fixed_packages

aliases

CVE-2026-4718

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-nvsz-9s3r-nbhq

url

VCID-qkks-24cp-gqg2

vulnerability_id

VCID-qkks-24cp-gqg2

summary

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4706

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06294
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06303
published_at	2026-04-04T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06354
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06359
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06366
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06326
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0628
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06269
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06343
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450714
reference_id	2450714
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450714

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2015091

reference_id

show_bug.cgi?id=2015091

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2015091

fixed_packages

aliases

CVE-2026-4706

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-qkks-24cp-gqg2

url

VCID-rp5h-ym8y-skbw

vulnerability_id

VCID-rp5h-ym8y-skbw

summary

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4701

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450710
reference_id	2450710
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450710

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2009303

reference_id

show_bug.cgi?id=2009303

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2009303

fixed_packages

aliases

CVE-2026-4701

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-rp5h-ym8y-skbw

url

VCID-t4t3-5pt5-ayds

vulnerability_id

VCID-t4t3-5pt5-ayds

summary

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4685

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06294
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06343
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06354
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06359
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06269
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06366
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06326
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0628
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06303
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450724
reference_id	2450724
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450724

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016349

reference_id

show_bug.cgi?id=2016349

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016349

fixed_packages

aliases

CVE-2026-4685

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t3-5pt5-ayds

url

VCID-u3j3-fc4f-7ff7

vulnerability_id

VCID-u3j3-fc4f-7ff7

summary

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4686

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06294
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06343
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06354
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06359
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06269
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06366
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06326
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.0628
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06303
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450734
reference_id	2450734
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450734

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016351

reference_id

show_bug.cgi?id=2016351

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016351

fixed_packages

aliases

CVE-2026-4686

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-u3j3-fc4f-7ff7

url

VCID-wmyy-2cg3-wyhc

vulnerability_id

VCID-wmyy-2cg3-wyhc

summary

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4697

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05103
published_at	2026-04-18T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05098
published_at	2026-04-16T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05164
published_at	2026-04-07T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05184
published_at	2026-04-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05214
published_at	2026-04-09T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05197
published_at	2026-04-08T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05142
published_at	2026-04-04T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05113
published_at	2026-04-02T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05154
published_at	2026-04-13T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05168
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4697

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450729
reference_id	2450729
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450729

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020422

reference_id

show_bug.cgi?id=2020422

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2020422

fixed_packages

aliases

CVE-2026-4697

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wmyy-2cg3-wyhc

url

VCID-wqw2-gjvu-6qbu

vulnerability_id

VCID-wqw2-gjvu-6qbu

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4690

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05479
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05518
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05525
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05537
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05562
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05469
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0554
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05504
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450732
reference_id	2450732
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450732

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016375

reference_id

show_bug.cgi?id=2016375

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016375

fixed_packages

aliases

CVE-2026-4690

risk_score

4.3

exploitability

0.5

weighted_severity

8.6

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wqw2-gjvu-6qbu

url

VCID-wvx2-pba2-sqha

vulnerability_id

VCID-wvx2-pba2-sqha

summary

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4708

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05276
published_at	2026-04-18T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05274
published_at	2026-04-16T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05324
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05349
published_at	2026-04-11T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05381
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05357
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05298
published_at	2026-04-04T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05265
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05326
published_at	2026-04-13T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05337
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450735
reference_id	2450735
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450735

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2015268

reference_id

show_bug.cgi?id=2015268

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2015268

fixed_packages

aliases

CVE-2026-4708

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wvx2-pba2-sqha

url

VCID-yjc2-2whn-uug5

vulnerability_id

VCID-yjc2-2whn-uug5

summary

Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4694

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.054
published_at	2026-04-18T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05442
published_at	2026-04-13T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05448
published_at	2026-04-12T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05462
published_at	2026-04-11T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.0549
published_at	2026-04-09T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05393
published_at	2026-04-16T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05469
published_at	2026-04-08T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05434
published_at	2026-04-07T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05426
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4694

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450747
reference_id	2450747
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450747

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_id

mfsa2026-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-21

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_id

mfsa2026-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-21/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018430

reference_id

show_bug.cgi?id=2018430

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2018430

fixed_packages

aliases

CVE-2026-4694

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-yjc2-2whn-uug5

url

VCID-ymak-rv52-h7a5

vulnerability_id

VCID-ymak-rv52-h7a5

summary

Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4710

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06078
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06067
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06062
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06117
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06126
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06047
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06027
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06105
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4710

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450727
reference_id	2450727
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450727

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_id

mfsa2026-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_id

mfsa2026-20

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_id

mfsa2026-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_id

mfsa2026-22

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_id

mfsa2026-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_id

mfsa2026-23

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_id

mfsa2026-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_id

mfsa2026-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-24/

reference_url	https://access.redhat.com/errata/RHSA-2026:5930
reference_id	RHSA-2026:5930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5930

reference_url	https://access.redhat.com/errata/RHSA-2026:5931
reference_id	RHSA-2026:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5931

reference_url	https://access.redhat.com/errata/RHSA-2026:5932
reference_id	RHSA-2026:5932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5932

reference_url	https://access.redhat.com/errata/RHSA-2026:6188
reference_id	RHSA-2026:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6188

reference_url	https://access.redhat.com/errata/RHSA-2026:6342
reference_id	RHSA-2026:6342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6342

reference_url	https://access.redhat.com/errata/RHSA-2026:6917
reference_id	RHSA-2026:6917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6917

reference_url	https://access.redhat.com/errata/RHSA-2026:7837
reference_id	RHSA-2026:7837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7837

reference_url	https://access.redhat.com/errata/RHSA-2026:7838
reference_id	RHSA-2026:7838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7838

reference_url	https://access.redhat.com/errata/RHSA-2026:7839
reference_id	RHSA-2026:7839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7839

reference_url	https://access.redhat.com/errata/RHSA-2026:7840
reference_id	RHSA-2026:7840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7840

reference_url	https://access.redhat.com/errata/RHSA-2026:7841
reference_id	RHSA-2026:7841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7841

reference_url	https://access.redhat.com/errata/RHSA-2026:7842
reference_id	RHSA-2026:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7842

reference_url	https://access.redhat.com/errata/RHSA-2026:7843
reference_id	RHSA-2026:7843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7843

reference_url	https://access.redhat.com/errata/RHSA-2026:7845
reference_id	RHSA-2026:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7845

reference_url	https://access.redhat.com/errata/RHSA-2026:7858
reference_id	RHSA-2026:7858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7858

reference_url	https://access.redhat.com/errata/RHSA-2026:8284
reference_id	RHSA-2026:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8284

reference_url	https://access.redhat.com/errata/RHSA-2026:8285
reference_id	RHSA-2026:8285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8285

reference_url	https://access.redhat.com/errata/RHSA-2026:8286
reference_id	RHSA-2026:8286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8286

reference_url	https://access.redhat.com/errata/RHSA-2026:8287
reference_id	RHSA-2026:8287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8287

reference_url	https://access.redhat.com/errata/RHSA-2026:8288
reference_id	RHSA-2026:8288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8288

reference_url	https://access.redhat.com/errata/RHSA-2026:8289
reference_id	RHSA-2026:8289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8289

reference_url	https://access.redhat.com/errata/RHSA-2026:8290
reference_id	RHSA-2026:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8290

reference_url	https://access.redhat.com/errata/RHSA-2026:8315
reference_id	RHSA-2026:8315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8315

reference_url	https://access.redhat.com/errata/RHSA-2026:8427
reference_id	RHSA-2026:8427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8427

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016370

reference_id

show_bug.cgi?id=2016370

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2016370

fixed_packages

aliases

CVE-2026-4710

risk_score

4.4

exploitability

0.5

weighted_severity

8.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ymak-rv52-h7a5

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@140.9.0-1%3Farch=el10_0

Package Instance