Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1066723?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1066723?format=api", "purl": "pkg:rpm/redhat/firefox@140.9.0-1?arch=el9_0", "type": "rpm", "namespace": "redhat", "name": "firefox", "version": "140.9.0-1", "qualifiers": { "arch": "el9_0" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62703?format=api", "vulnerability_id": "VCID-13he-qsr4-h3d4", "summary": "Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06438", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0629", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06339", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06266", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06362", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06322", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.063", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06276", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450726", "reference_id": "2450726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450726" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016329", "reference_id": "show_bug.cgi?id=2016329", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016329" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016342", "reference_id": "show_bug.cgi?id=2016342", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016342" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4709" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13he-qsr4-h3d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62709?format=api", "vulnerability_id": "VCID-1fv1-edht-ufag", "summary": "Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450723", "reference_id": "2450723", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450723" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018405", "reference_id": "show_bug.cgi?id=2018405", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018405" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4715" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1fv1-edht-ufag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62708?format=api", "vulnerability_id": "VCID-23eu-22t2-cydd", "summary": "Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05357", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05298", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05265", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05274", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05326", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05337", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450725", "reference_id": "2450725", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450725" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018126", "reference_id": "show_bug.cgi?id=2018126", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018126" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4714" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-23eu-22t2-cydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62686?format=api", "vulnerability_id": "VCID-26d3-ctnj-7kbh", "summary": "Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10185", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10054", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10092", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10264", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10228", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10196", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10131", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10076", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10204", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450738", "reference_id": "2450738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450738" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017512", "reference_id": "show_bug.cgi?id=2017512", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017512" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4691" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-26d3-ctnj-7kbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62710?format=api", "vulnerability_id": "VCID-289s-f2w6-53g9", "summary": "Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4716" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450720", "reference_id": "2450720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450720" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018592", "reference_id": "show_bug.cgi?id=2018592", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018592" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4716" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-289s-f2w6-53g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62693?format=api", "vulnerability_id": "VCID-351y-4nek-u3aw", "summary": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07439", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07468", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07524", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07537", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07551", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07549", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07527", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07487", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07449", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12851", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450719", "reference_id": "2450719", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450719" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020906", "reference_id": "show_bug.cgi?id=2020906", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020906" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4698" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-351y-4nek-u3aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62714?format=api", "vulnerability_id": "VCID-3grf-hwk1-3fh8", "summary": "Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05357", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05298", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05265", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05274", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05326", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05337", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450746", "reference_id": "2450746", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450746" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016367", "reference_id": "show_bug.cgi?id=2016367", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016367" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4719" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3grf-hwk1-3fh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62716?format=api", "vulnerability_id": "VCID-3kd3-hwzv-efbn", "summary": "Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06333", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06184", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06228", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06237", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06198", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06172", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06213", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450711", "reference_id": "2450711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450711" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676", "reference_id": "buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4721" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kd3-hwzv-efbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62699?format=api", "vulnerability_id": "VCID-3xgu-7evz-mffw", "summary": "Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05737", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05579", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05629", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05656", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0563", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05557", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05565", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05614", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0562", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450722", "reference_id": "2450722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450722" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014873", "reference_id": "show_bug.cgi?id=2014873", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014873" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4705" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3xgu-7evz-mffw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62715?format=api", "vulnerability_id": "VCID-4q6w-tdk9-d3an", "summary": "Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450751", "reference_id": "2450751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450751" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733", "reference_id": "buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4720" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4q6w-tdk9-d3an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62705?format=api", "vulnerability_id": "VCID-4r8e-64b6-bbbu", "summary": "Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4711" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450733", "reference_id": "2450733", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450733" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017002", "reference_id": "show_bug.cgi?id=2017002", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017002" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4711" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4r8e-64b6-bbbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62682?format=api", "vulnerability_id": "VCID-646f-ndeq-5bee", "summary": "Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06543", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06394", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06376", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06454", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06461", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06425", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06388", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06357", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06385", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06444", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450757", "reference_id": "2450757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450757" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016368", "reference_id": "show_bug.cgi?id=2016368", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016368" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4687" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-646f-ndeq-5bee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62683?format=api", "vulnerability_id": "VCID-675n-7uzz-pqdj", "summary": "Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4688", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05519", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05357", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05385", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05449", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05426", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05392", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05354", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05401", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05409", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450713", "reference_id": "2450713", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450713" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016373", "reference_id": "show_bug.cgi?id=2016373", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016373" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4688" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-675n-7uzz-pqdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62690?format=api", "vulnerability_id": "VCID-8qyy-e4jt-rbc4", "summary": "Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05256", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05103", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05184", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05142", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05113", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05168", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450715", "reference_id": "2450715", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450715" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020030", "reference_id": "show_bug.cgi?id=2020030", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020030" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4695" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qyy-e4jt-rbc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62684?format=api", "vulnerability_id": "VCID-8xek-k5y2-6bfp", "summary": "Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4689", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07676", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07536", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07598", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0765", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07632", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07573", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07556", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07548", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07623", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4689" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450718", "reference_id": "2450718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450718" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016374", "reference_id": "show_bug.cgi?id=2016374", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016374" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4689" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xek-k5y2-6bfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62701?format=api", "vulnerability_id": "VCID-b4bq-q3ga-3ff1", "summary": "Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4707", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03727", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06343", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4707" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450755", "reference_id": "2450755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450755" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015267", "reference_id": "show_bug.cgi?id=2015267", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015267" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4707" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b4bq-q3ga-3ff1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62691?format=api", "vulnerability_id": "VCID-b6sf-z5tm-4uau", "summary": "Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07567", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07439", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07468", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07537", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07551", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07549", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07527", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07487", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07449", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07524", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450740", "reference_id": "2450740", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450740" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020190", "reference_id": "show_bug.cgi?id=2020190", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020190" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4696" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b6sf-z5tm-4uau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62694?format=api", "vulnerability_id": "VCID-e2k8-m9sm-8uek", "summary": "Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06443", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06343", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450739", "reference_id": "2450739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450739" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021863", "reference_id": "show_bug.cgi?id=2021863", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021863" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4699" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2k8-m9sm-8uek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62706?format=api", "vulnerability_id": "VCID-efvs-1tuf-guf4", "summary": "Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03584", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03461", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03538", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03528", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03572", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0355", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03549", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03449", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03475", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03499", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4712" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450728", "reference_id": "2450728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450728" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017666", "reference_id": "show_bug.cgi?id=2017666", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017666" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4712" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efvs-1tuf-guf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62697?format=api", "vulnerability_id": "VCID-ft6u-geds-fua9", "summary": "JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450744", "reference_id": "2450744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450744" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013560", "reference_id": "show_bug.cgi?id=2013560", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013560" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4702" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ft6u-geds-fua9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62687?format=api", "vulnerability_id": "VCID-gkva-6cu9-7keg", "summary": "Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07112", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0698", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06982", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07064", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07075", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07068", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07002", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06948", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06995", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07055", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450748", "reference_id": "2450748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450748" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017643", "reference_id": "show_bug.cgi?id=2017643", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017643" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4692" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gkva-6cu9-7keg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62698?format=api", "vulnerability_id": "VCID-hshc-4xnc-gug4", "summary": "Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05256", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05103", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05184", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05142", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05113", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05168", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450756", "reference_id": "2450756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450756" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014868", "reference_id": "show_bug.cgi?id=2014868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014868" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4704" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hshc-4xnc-gug4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62711?format=api", "vulnerability_id": "VCID-hstd-23qm-bqdg", "summary": "Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450712", "reference_id": "2450712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450712" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021695", "reference_id": "show_bug.cgi?id=2021695", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021695" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4717" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hstd-23qm-bqdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62688?format=api", "vulnerability_id": "VCID-j1hb-8jjy-tqgq", "summary": "Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06443", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06343", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450741", "reference_id": "2450741", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450741" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018102", "reference_id": "show_bug.cgi?id=2018102", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018102" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4693" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1hb-8jjy-tqgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62707?format=api", "vulnerability_id": "VCID-kuwd-6tcg-fuha", "summary": "Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05357", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05298", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05265", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05274", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05326", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05337", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450730", "reference_id": "2450730", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450730" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018113", "reference_id": "show_bug.cgi?id=2018113", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018113" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4713" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwd-6tcg-fuha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62695?format=api", "vulnerability_id": "VCID-m6uv-91wz-xfdv", "summary": "Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06069", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05916", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05959", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05978", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05939", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.0591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05877", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05905", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.0594", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.0595", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4700" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450752", "reference_id": "2450752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450752" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003766", "reference_id": "show_bug.cgi?id=2003766", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003766" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4700" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m6uv-91wz-xfdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62679?format=api", "vulnerability_id": "VCID-mm6w-kpe8-4kg3", "summary": "Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4684", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02941", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02825", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02853", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02835", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02863", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02861", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02837", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02814", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0283", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450721", "reference_id": "2450721", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450721" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011129", "reference_id": "show_bug.cgi?id=2011129", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011129" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4684" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mm6w-kpe8-4kg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62713?format=api", "vulnerability_id": "VCID-nvsz-9s3r-nbhq", "summary": "Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01757", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01668", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01692", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01686", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01701", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01693", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01676", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450742", "reference_id": "2450742", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450742" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014864", "reference_id": "show_bug.cgi?id=2014864", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014864" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4718" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nvsz-9s3r-nbhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62700?format=api", "vulnerability_id": "VCID-qkks-24cp-gqg2", "summary": "Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4706", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06443", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06343", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450714", "reference_id": "2450714", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015091", "reference_id": "show_bug.cgi?id=2015091", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015091" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4706" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkks-24cp-gqg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62696?format=api", "vulnerability_id": "VCID-rp5h-ym8y-skbw", "summary": "Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450710", "reference_id": "2450710", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009303", "reference_id": "show_bug.cgi?id=2009303", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009303" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4701" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rp5h-ym8y-skbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62680?format=api", "vulnerability_id": "VCID-t4t3-5pt5-ayds", "summary": "Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06443", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06343", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450724", "reference_id": "2450724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450724" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016349", "reference_id": "show_bug.cgi?id=2016349", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016349" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4685" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t3-5pt5-ayds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62681?format=api", "vulnerability_id": "VCID-u3j3-fc4f-7ff7", "summary": "Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06443", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06343", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450734", "reference_id": "2450734", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450734" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016351", "reference_id": "show_bug.cgi?id=2016351", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016351" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4686" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3j3-fc4f-7ff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62692?format=api", "vulnerability_id": "VCID-wmyy-2cg3-wyhc", "summary": "Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05256", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05103", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05184", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05142", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05113", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05168", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450729", "reference_id": "2450729", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450729" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020422", "reference_id": "show_bug.cgi?id=2020422", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020422" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4697" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wmyy-2cg3-wyhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62685?format=api", "vulnerability_id": "VCID-wqw2-gjvu-6qbu", "summary": "Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03218", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0554", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05479", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05518", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05525", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05537", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05562", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05504", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05469", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450732", "reference_id": "2450732", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450732" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016375", "reference_id": "show_bug.cgi?id=2016375", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016375" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4690" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqw2-gjvu-6qbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62702?format=api", "vulnerability_id": "VCID-wvx2-pba2-sqha", "summary": "Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05357", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05298", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05265", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05274", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05326", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05337", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450735", "reference_id": "2450735", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450735" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015268", "reference_id": "show_bug.cgi?id=2015268", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015268" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4708" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wvx2-pba2-sqha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62689?format=api", "vulnerability_id": "VCID-yjc2-2whn-uug5", "summary": "Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05569", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.054", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05442", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05448", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05462", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05393", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0549", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05469", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05426", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450747", "reference_id": "2450747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450747" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018430", "reference_id": "show_bug.cgi?id=2018430", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018430" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4694" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjc2-2whn-uug5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62704?format=api", "vulnerability_id": "VCID-ymak-rv52-h7a5", "summary": "Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06067", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06112", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450727", "reference_id": "2450727", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450727" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016370", "reference_id": "show_bug.cgi?id=2016370", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016370" } ], "fixed_packages": [], "aliases": [ "CVE-2026-4710" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ymak-rv52-h7a5" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@140.9.0-1%3Farch=el9_0" }