Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
Typedeb
Namespacedebian
Namethunderbird
Version1:140.9.1esr-1~deb12u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1:140.10.0esr-1~deb12u1
Latest_non_vulnerable_version1:140.10.0esr-1
Affected_by_vulnerabilities
0
url VCID-2fqb-r5zb-a7dp
vulnerability_id VCID-2fqb-r5zb-a7dp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6748.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6748.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6748
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.14977
published_at 2026-04-26T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.14974
published_at 2026-04-24T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.19678
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6748
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460103
reference_id 2460103
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460103
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2022604
reference_id show_bug.cgi?id=2022604
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2022604
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6748
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2fqb-r5zb-a7dp
1
url VCID-3kv6-c148-nkhq
vulnerability_id VCID-3kv6-c148-nkhq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6765.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6765.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6765
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09518
published_at 2026-04-26T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09553
published_at 2026-04-24T12:55:00Z
2
value 0.00043
scoring_system epss
scoring_elements 0.13012
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6765
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460107
reference_id 2460107
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460107
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:08:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:08:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:08:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:08:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2022419
reference_id show_bug.cgi?id=2022419
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:08:26Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2022419
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6765
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kv6-c148-nkhq
2
url VCID-59d3-343b-e3aw
vulnerability_id VCID-59d3-343b-e3aw
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6770.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6770.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6770
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13446
published_at 2026-04-26T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13474
published_at 2026-04-24T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.17991
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6770
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460079
reference_id 2460079
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460079
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:44:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:44:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:44:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:44:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2024220
reference_id show_bug.cgi?id=2024220
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T17:44:11Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2024220
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6770
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59d3-343b-e3aw
3
url VCID-61r1-arbe-dke4
vulnerability_id VCID-61r1-arbe-dke4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6761.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6761.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6761
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.123
published_at 2026-04-26T12:55:00Z
1
value 0.00041
scoring_system epss
scoring_elements 0.12334
published_at 2026-04-24T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13298
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6761
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460099
reference_id 2460099
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460099
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:24:28Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:24:28Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:24:28Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:24:28Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017857
reference_id show_bug.cgi?id=2017857
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:24:28Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017857
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6761
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-61r1-arbe-dke4
4
url VCID-7jt2-zr49-7ye5
vulnerability_id VCID-7jt2-zr49-7ye5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6766
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09893
published_at 2026-04-26T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09926
published_at 2026-04-24T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13452
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6766
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460097
reference_id 2460097
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460097
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2023207
reference_id show_bug.cgi?id=2023207
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2023207
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6766
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jt2-zr49-7ye5
5
url VCID-95et-ezmb-buau
vulnerability_id VCID-95et-ezmb-buau
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6751.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6751.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6751
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13446
published_at 2026-04-26T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13474
published_at 2026-04-24T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.17991
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6751
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460109
reference_id 2460109
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460109
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:58:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:58:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:58:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:58:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2025883
reference_id show_bug.cgi?id=2025883
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:58:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2025883
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6751
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95et-ezmb-buau
6
url VCID-9nbw-7c9e-13af
vulnerability_id VCID-9nbw-7c9e-13af
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6763.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6763.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6763
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.12897
published_at 2026-04-26T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12932
published_at 2026-04-24T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17294
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6763
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460101
reference_id 2460101
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460101
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021666
reference_id show_bug.cgi?id=2021666
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021666
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6763
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9nbw-7c9e-13af
7
url VCID-av7u-3g4m-mugm
vulnerability_id VCID-av7u-3g4m-mugm
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6762.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6762.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6762
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.12289
published_at 2026-04-26T12:55:00Z
1
value 0.00041
scoring_system epss
scoring_elements 0.12323
published_at 2026-04-24T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13289
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6762
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460076
reference_id 2460076
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460076
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021080
reference_id show_bug.cgi?id=2021080
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021080
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6762
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-av7u-3g4m-mugm
8
url VCID-bwth-uepr-z7a3
vulnerability_id VCID-bwth-uepr-z7a3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6750.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6750.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6750
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.12533
published_at 2026-04-26T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13564
published_at 2026-04-29T12:55:00Z
2
value 0.00048
scoring_system epss
scoring_elements 0.14809
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6750
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460102
reference_id 2460102
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460102
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-22T15:07:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-22T15:07:23Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-22T15:07:23Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-22T15:07:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-22T15:07:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2023407
reference_id show_bug.cgi?id=2023407
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-22T15:07:23Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2023407
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6750
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwth-uepr-z7a3
9
url VCID-cjsm-7gxr-8ygw
vulnerability_id VCID-cjsm-7gxr-8ygw
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6746.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6746.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6746
reference_id
reference_type
scores
0
value 0.00048
scoring_system epss
scoring_elements 0.14812
published_at 2026-04-26T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19472
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6746
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460112
reference_id 2460112
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460112
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014596
reference_id show_bug.cgi?id=2014596
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014596
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6746
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjsm-7gxr-8ygw
10
url VCID-d16s-p141-qbft
vulnerability_id VCID-d16s-p141-qbft
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6752.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6752
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15177
published_at 2026-04-24T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.15181
published_at 2026-04-26T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.1988
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6752
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460078
reference_id 2460078
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460078
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2027499
reference_id show_bug.cgi?id=2027499
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2027499
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6752
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d16s-p141-qbft
11
url VCID-fxjm-ywug-f3d5
vulnerability_id VCID-fxjm-ywug-f3d5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6767
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10758
published_at 2026-04-24T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10742
published_at 2026-04-26T12:55:00Z
2
value 0.00048
scoring_system epss
scoring_elements 0.14669
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6767
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460086
reference_id 2460086
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460086
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:03:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:03:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:03:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:03:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:03:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2023209
reference_id show_bug.cgi?id=2023209
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T18:03:10Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2023209
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6767
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fxjm-ywug-f3d5
12
url VCID-hk2m-rbdy-nqhc
vulnerability_id VCID-hk2m-rbdy-nqhc
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6772
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11114
published_at 2026-04-26T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11157
published_at 2026-04-24T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15173
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6772
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460074
reference_id 2460074
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460074
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2026089
reference_id show_bug.cgi?id=2026089
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2026089
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6772
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hk2m-rbdy-nqhc
13
url VCID-ma29-qa7e-9qb4
vulnerability_id VCID-ma29-qa7e-9qb4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6764.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6764.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6764
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.1345
published_at 2026-04-26T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13479
published_at 2026-04-24T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.17994
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6764
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460106
reference_id 2460106
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460106
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:09:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:09:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:09:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:09:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2022162
reference_id show_bug.cgi?id=2022162
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:09:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2022162
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6764
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ma29-qa7e-9qb4
14
url VCID-nge1-4cvg-zqb2
vulnerability_id VCID-nge1-4cvg-zqb2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6769.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6769.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6769
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.123
published_at 2026-04-26T12:55:00Z
1
value 0.00041
scoring_system epss
scoring_elements 0.12334
published_at 2026-04-24T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13298
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6769
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460108
reference_id 2460108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460108
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:23:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:23:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:23:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:23:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2023753
reference_id show_bug.cgi?id=2023753
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T20:23:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2023753
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6769
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nge1-4cvg-zqb2
15
url VCID-nyum-jpbc-abew
vulnerability_id VCID-nyum-jpbc-abew
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6776.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6776.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6776
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.0177
published_at 2026-04-26T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01775
published_at 2026-04-24T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.022
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6776
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460110
reference_id 2460110
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460110
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021770
reference_id show_bug.cgi?id=2021770
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021770
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6776
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyum-jpbc-abew
16
url VCID-p6yz-xs58-u3gm
vulnerability_id VCID-p6yz-xs58-u3gm
summary Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6786.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6786.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6786
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14087
published_at 2026-04-26T12:55:00Z
1
value 0.00046
scoring_system epss
scoring_elements 0.14113
published_at 2026-04-24T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.19678
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6786
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460088
reference_id 2460088
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460088
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6786
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p6yz-xs58-u3gm
17
url VCID-pfmd-zv8f-8bfc
vulnerability_id VCID-pfmd-zv8f-8bfc
summary Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6785.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6785.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6785
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.16978
published_at 2026-04-26T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.16997
published_at 2026-04-24T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20012
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6785
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460104
reference_id 2460104
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460104
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:35:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6785
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pfmd-zv8f-8bfc
18
url VCID-q689-wneh-hbdq
vulnerability_id VCID-q689-wneh-hbdq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6757.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6757.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6757
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11162
published_at 2026-04-26T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11204
published_at 2026-04-24T12:55:00Z
2
value 0.00041
scoring_system epss
scoring_elements 0.12224
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6757
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460085
reference_id 2460085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460085
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013588
reference_id show_bug.cgi?id=2013588
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013588
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6757
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q689-wneh-hbdq
19
url VCID-q8qp-5szp-mfe8
vulnerability_id VCID-q8qp-5szp-mfe8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6749.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6749.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6749
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11114
published_at 2026-04-26T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11157
published_at 2026-04-24T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15173
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6749
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460096
reference_id 2460096
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460096
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2022610
reference_id show_bug.cgi?id=2022610
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2022610
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6749
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8qp-5szp-mfe8
20
url VCID-ruqn-mk9t-57hb
vulnerability_id VCID-ruqn-mk9t-57hb
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6753.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6753.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6753
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13446
published_at 2026-04-26T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13474
published_at 2026-04-24T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.17991
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6753
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460092
reference_id 2460092
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460092
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T14:17:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T14:17:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T14:17:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T14:17:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2027501
reference_id show_bug.cgi?id=2027501
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T14:17:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2027501
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6753
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ruqn-mk9t-57hb
21
url VCID-tv7r-qf2c-dqbm
vulnerability_id VCID-tv7r-qf2c-dqbm
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6771.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6771.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6771
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14505
published_at 2026-04-26T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14507
published_at 2026-04-24T12:55:00Z
2
value 0.00062
scoring_system epss
scoring_elements 0.19115
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6771
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460105
reference_id 2460105
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460105
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2025067
reference_id show_bug.cgi?id=2025067
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2025067
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6771
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tv7r-qf2c-dqbm
22
url VCID-w98r-yagc-kkec
vulnerability_id VCID-w98r-yagc-kkec
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6754.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6754.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6754
reference_id
reference_type
scores
0
value 0.00048
scoring_system epss
scoring_elements 0.14812
published_at 2026-04-26T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19472
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6754
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460075
reference_id 2460075
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460075
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
reference_id mfsa2026-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-31/
reference_id mfsa2026-31
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/
url https://www.mozilla.org/security/advisories/mfsa2026-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
14
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
15
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
16
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
17
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2027541
reference_id show_bug.cgi?id=2027541
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2027541
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6754
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w98r-yagc-kkec
23
url VCID-z6tm-b352-5uhk
vulnerability_id VCID-z6tm-b352-5uhk
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6747.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6747.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6747
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14389
published_at 2026-04-26T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14415
published_at 2026-04-24T12:55:00Z
2
value 0.00062
scoring_system epss
scoring_elements 0.1905
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6747
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460095
reference_id 2460095
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460095
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
reference_id mfsa2026-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
reference_id mfsa2026-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-34
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
12
reference_url https://access.redhat.com/errata/RHSA-2026:10757
reference_id RHSA-2026:10757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10757
13
reference_url https://access.redhat.com/errata/RHSA-2026:10766
reference_id RHSA-2026:10766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10766
14
reference_url https://access.redhat.com/errata/RHSA-2026:10767
reference_id RHSA-2026:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10767
15
reference_url https://access.redhat.com/errata/RHSA-2026:12285
reference_id RHSA-2026:12285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12285
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021769
reference_id show_bug.cgi?id=2021769
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021769
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-6747
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6tm-b352-5uhk
Fixing_vulnerabilities
0
url VCID-13he-qsr4-h3d4
vulnerability_id VCID-13he-qsr4-h3d4
summary Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4709
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06276
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06454
published_at 2026-04-24T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06438
published_at 2026-04-21T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0629
published_at 2026-04-18T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06339
published_at 2026-04-13T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.0635
published_at 2026-04-12T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06355
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06362
published_at 2026-04-09T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06322
published_at 2026-04-08T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.063
published_at 2026-04-04T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06266
published_at 2026-04-02T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07114
published_at 2026-04-29T12:55:00Z
12
value 0.00026
scoring_system epss
scoring_elements 0.07156
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4709
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450726
reference_id 2450726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450726
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016329
reference_id show_bug.cgi?id=2016329
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016329
41
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016342
reference_id show_bug.cgi?id=2016342
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016342
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4709
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-13he-qsr4-h3d4
1
url VCID-15j8-br8z-juf3
vulnerability_id VCID-15j8-br8z-juf3
summary Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3889.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3889.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3889
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07517
published_at 2026-04-24T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07556
published_at 2026-04-21T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07437
published_at 2026-04-16T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07427
published_at 2026-04-18T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07515
published_at 2026-04-13T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07528
published_at 2026-04-12T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07542
published_at 2026-04-11T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07541
published_at 2026-04-09T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07518
published_at 2026-04-08T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.0746
published_at 2026-04-07T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07479
published_at 2026-04-04T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.08255
published_at 2026-04-29T12:55:00Z
12
value 0.00029
scoring_system epss
scoring_elements 0.08286
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3889
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3889
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3889
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451006
reference_id 2451006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451006
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
9
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
10
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
11
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
12
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
13
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
14
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
15
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
16
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
17
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
18
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
19
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
20
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
21
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020723
reference_id show_bug.cgi?id=2020723
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:05:32Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020723
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-3889
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15j8-br8z-juf3
2
url VCID-1fv1-edht-ufag
vulnerability_id VCID-1fv1-edht-ufag
summary Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4715
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.06869
published_at 2026-04-26T12:55:00Z
13
value 0.00025
scoring_system epss
scoring_elements 0.06843
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4715
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450723
reference_id 2450723
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450723
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018405
reference_id show_bug.cgi?id=2018405
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018405
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4715
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fv1-edht-ufag
3
url VCID-23eu-22t2-cydd
vulnerability_id VCID-23eu-22t2-cydd
summary Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4714
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.05996
published_at 2026-04-26T12:55:00Z
13
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4714
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450725
reference_id 2450725
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450725
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018126
reference_id show_bug.cgi?id=2018126
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018126
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4714
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-23eu-22t2-cydd
4
url VCID-26d3-ctnj-7kbh
vulnerability_id VCID-26d3-ctnj-7kbh
summary Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4691
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10092
published_at 2026-04-07T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.10076
published_at 2026-04-16T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10204
published_at 2026-04-13T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10223
published_at 2026-04-12T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10264
published_at 2026-04-11T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10228
published_at 2026-04-09T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10167
published_at 2026-04-08T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10196
published_at 2026-04-04T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10131
published_at 2026-04-02T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10166
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10185
published_at 2026-04-21T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10054
published_at 2026-04-18T12:55:00Z
12
value 0.00038
scoring_system epss
scoring_elements 0.11121
published_at 2026-04-29T12:55:00Z
13
value 0.00038
scoring_system epss
scoring_elements 0.11187
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4691
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450738
reference_id 2450738
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450738
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017512
reference_id show_bug.cgi?id=2017512
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017512
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4691
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26d3-ctnj-7kbh
5
url VCID-289s-f2w6-53g9
vulnerability_id VCID-289s-f2w6-53g9
summary Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4716
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.06869
published_at 2026-04-26T12:55:00Z
13
value 0.00025
scoring_system epss
scoring_elements 0.06843
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4716
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450720
reference_id 2450720
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450720
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018592
reference_id show_bug.cgi?id=2018592
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018592
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4716
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-289s-f2w6-53g9
6
url VCID-351y-4nek-u3aw
vulnerability_id VCID-351y-4nek-u3aw
summary JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4698
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07468
published_at 2026-04-07T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07448
published_at 2026-04-02T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07439
published_at 2026-04-18T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07449
published_at 2026-04-16T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07524
published_at 2026-04-13T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07537
published_at 2026-04-12T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07551
published_at 2026-04-11T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07549
published_at 2026-04-09T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-08T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07487
published_at 2026-04-04T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12851
published_at 2026-04-21T12:55:00Z
11
value 0.00042
scoring_system epss
scoring_elements 0.12871
published_at 2026-04-24T12:55:00Z
12
value 0.00046
scoring_system epss
scoring_elements 0.14073
published_at 2026-04-26T12:55:00Z
13
value 0.00046
scoring_system epss
scoring_elements 0.14005
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4698
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450719
reference_id 2450719
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450719
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020906
reference_id show_bug.cgi?id=2020906
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:59:20Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020906
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4698
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-351y-4nek-u3aw
7
url VCID-3grf-hwk1-3fh8
vulnerability_id VCID-3grf-hwk1-3fh8
summary Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4719
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.05996
published_at 2026-04-26T12:55:00Z
13
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4719
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450746
reference_id 2450746
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450746
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016367
reference_id show_bug.cgi?id=2016367
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016367
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4719
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3grf-hwk1-3fh8
8
url VCID-3kd3-hwzv-efbn
vulnerability_id VCID-3kd3-hwzv-efbn
summary Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4721
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06155
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06184
published_at 2026-04-18T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06213
published_at 2026-04-13T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06223
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06228
published_at 2026-04-11T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06237
published_at 2026-04-09T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06198
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06172
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06141
published_at 2026-04-02T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06352
published_at 2026-04-24T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06333
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06979
published_at 2026-04-29T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.07015
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4721
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450711
reference_id 2450711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450711
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
reference_id buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
15
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
16
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
17
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
18
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
19
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
20
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
21
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
22
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
23
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
24
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
25
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
26
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
27
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
28
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
29
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
30
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
31
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
32
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
33
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
34
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
35
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
36
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
37
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
38
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
39
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
40
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4721
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kd3-hwzv-efbn
9
url VCID-3xgu-7evz-mffw
vulnerability_id VCID-3xgu-7evz-mffw
summary Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4705
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05592
published_at 2026-04-07T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05614
published_at 2026-04-13T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0562
published_at 2026-04-12T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05629
published_at 2026-04-11T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05656
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05594
published_at 2026-04-04T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.0563
published_at 2026-04-08T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05557
published_at 2026-04-02T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05769
published_at 2026-04-24T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05737
published_at 2026-04-21T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05579
published_at 2026-04-18T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05565
published_at 2026-04-16T12:55:00Z
12
value 0.00023
scoring_system epss
scoring_elements 0.06273
published_at 2026-04-26T12:55:00Z
13
value 0.00023
scoring_system epss
scoring_elements 0.06284
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4705
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450722
reference_id 2450722
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450722
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014873
reference_id show_bug.cgi?id=2014873
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014873
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4705
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xgu-7evz-mffw
10
url VCID-4q6w-tdk9-d3an
vulnerability_id VCID-4q6w-tdk9-d3an
summary Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4720
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.06869
published_at 2026-04-26T12:55:00Z
13
value 0.00025
scoring_system epss
scoring_elements 0.06843
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4720
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450751
reference_id 2450751
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450751
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
reference_id buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
14
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
15
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
16
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
17
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
18
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
19
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
20
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
21
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
22
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
23
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
24
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
25
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
26
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
27
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
28
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
29
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
30
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
31
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
32
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
33
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
34
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
35
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
36
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
37
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
38
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4720
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4q6w-tdk9-d3an
11
url VCID-5dw5-vpt8-zqbz
vulnerability_id VCID-5dw5-vpt8-zqbz
summary Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5731
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17176
published_at 2026-04-12T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17223
published_at 2026-04-11T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17244
published_at 2026-04-09T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.17187
published_at 2026-04-08T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20012
published_at 2026-04-29T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20168
published_at 2026-04-18T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20167
published_at 2026-04-21T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20048
published_at 2026-04-24T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20043
published_at 2026-04-26T12:55:00Z
9
value 0.00072
scoring_system epss
scoring_elements 0.21867
published_at 2026-04-13T12:55:00Z
10
value 0.00072
scoring_system epss
scoring_elements 0.21869
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5731
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455901
reference_id 2455901
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455901
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-26
reference_id mfsa2026-26
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-26
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-26/
reference_id mfsa2026-26
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-26/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:12:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
15
reference_url https://access.redhat.com/errata/RHSA-2026:11805
reference_id RHSA-2026:11805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11805
16
reference_url https://access.redhat.com/errata/RHSA-2026:11813
reference_id RHSA-2026:11813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11813
17
reference_url https://access.redhat.com/errata/RHSA-2026:12264
reference_id RHSA-2026:12264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12264
18
reference_url https://access.redhat.com/errata/RHSA-2026:13342
reference_id RHSA-2026:13342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13342
19
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
20
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
21
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
22
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
23
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
24
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
2
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-5731
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dw5-vpt8-zqbz
12
url VCID-646f-ndeq-5bee
vulnerability_id VCID-646f-ndeq-5bee
summary Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4687
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06376
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06385
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06444
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06454
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06461
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06468
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06425
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06388
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06357
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06559
published_at 2026-04-24T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06543
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-18T12:55:00Z
12
value 0.00026
scoring_system epss
scoring_elements 0.07205
published_at 2026-04-29T12:55:00Z
13
value 0.00026
scoring_system epss
scoring_elements 0.07233
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4687
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450757
reference_id 2450757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450757
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016368
reference_id show_bug.cgi?id=2016368
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016368
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4687
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-646f-ndeq-5bee
13
url VCID-675n-7uzz-pqdj
vulnerability_id VCID-675n-7uzz-pqdj
summary Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4688
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05392
published_at 2026-04-07T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05401
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05409
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05422
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05449
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05385
published_at 2026-04-04T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05426
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05355
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05555
published_at 2026-04-24T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05519
published_at 2026-04-21T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-18T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05354
published_at 2026-04-16T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.06089
published_at 2026-04-26T12:55:00Z
13
value 0.00022
scoring_system epss
scoring_elements 0.06095
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4688
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450713
reference_id 2450713
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450713
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016373
reference_id show_bug.cgi?id=2016373
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016373
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4688
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-675n-7uzz-pqdj
14
url VCID-6mur-mtfg-97gt
vulnerability_id VCID-6mur-mtfg-97gt
summary A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4371.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4371.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4371
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17458
published_at 2026-04-24T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17548
published_at 2026-04-21T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17716
published_at 2026-04-02T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17514
published_at 2026-04-18T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17505
published_at 2026-04-16T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.1756
published_at 2026-04-13T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17612
published_at 2026-04-12T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17659
published_at 2026-04-11T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.1764
published_at 2026-04-09T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.17763
published_at 2026-04-04T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17579
published_at 2026-04-08T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.1749
published_at 2026-04-07T12:55:00Z
12
value 0.00061
scoring_system epss
scoring_elements 0.18878
published_at 2026-04-29T12:55:00Z
13
value 0.00061
scoring_system epss
scoring_elements 0.1892
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4371
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4371
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4371
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451001
reference_id 2451001
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451001
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
9
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
10
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
11
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
12
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
13
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
14
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
15
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
16
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
17
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
18
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
19
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
20
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
21
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2023493
reference_id show_bug.cgi?id=2023493
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:24:48Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2023493
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4371
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6mur-mtfg-97gt
15
url VCID-77y6-jskt-qucb
vulnerability_id VCID-77y6-jskt-qucb
summary libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59375
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12206
published_at 2026-04-21T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12038
published_at 2026-04-29T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15188
published_at 2026-04-26T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.15184
published_at 2026-04-24T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15663
published_at 2026-04-07T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15811
published_at 2026-04-02T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15808
published_at 2026-04-09T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.15748
published_at 2026-04-08T12:55:00Z
8
value 0.00051
scoring_system epss
scoring_elements 0.15871
published_at 2026-04-04T12:55:00Z
9
value 0.00058
scoring_system epss
scoring_elements 0.18108
published_at 2026-04-16T12:55:00Z
10
value 0.00058
scoring_system epss
scoring_elements 0.18262
published_at 2026-04-11T12:55:00Z
11
value 0.00058
scoring_system epss
scoring_elements 0.18121
published_at 2026-04-18T12:55:00Z
12
value 0.00058
scoring_system epss
scoring_elements 0.18164
published_at 2026-04-13T12:55:00Z
13
value 0.00058
scoring_system epss
scoring_elements 0.18215
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59375
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/libexpat/libexpat/issues/1018
reference_id 1018
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/issues/1018
5
reference_url https://github.com/libexpat/libexpat/pull/1034
reference_id 1034
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/pull/1034
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298
reference_id 1115298
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395108
reference_id 2395108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395108
8
reference_url https://issues.oss-fuzz.com/issues/439133977
reference_id 439133977
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://issues.oss-fuzz.com/issues/439133977
9
reference_url https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
reference_id Changes
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
10
reference_url https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
reference_id Changes#L45-L74
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/
url https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
15
reference_url https://access.redhat.com/errata/RHSA-2025:19020
reference_id RHSA-2025:19020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19020
16
reference_url https://access.redhat.com/errata/RHSA-2025:19403
reference_id RHSA-2025:19403
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19403
17
reference_url https://access.redhat.com/errata/RHSA-2025:21030
reference_id RHSA-2025:21030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21030
18
reference_url https://access.redhat.com/errata/RHSA-2025:21773
reference_id RHSA-2025:21773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21773
19
reference_url https://access.redhat.com/errata/RHSA-2025:21776
reference_id RHSA-2025:21776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21776
20
reference_url https://access.redhat.com/errata/RHSA-2025:21974
reference_id RHSA-2025:21974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21974
21
reference_url https://access.redhat.com/errata/RHSA-2025:22033
reference_id RHSA-2025:22033
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22033
22
reference_url https://access.redhat.com/errata/RHSA-2025:22034
reference_id RHSA-2025:22034
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22034
23
reference_url https://access.redhat.com/errata/RHSA-2025:22035
reference_id RHSA-2025:22035
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22035
24
reference_url https://access.redhat.com/errata/RHSA-2025:22175
reference_id RHSA-2025:22175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22175
25
reference_url https://access.redhat.com/errata/RHSA-2025:22607
reference_id RHSA-2025:22607
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22607
26
reference_url https://access.redhat.com/errata/RHSA-2025:22618
reference_id RHSA-2025:22618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22618
27
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
28
reference_url https://access.redhat.com/errata/RHSA-2025:22842
reference_id RHSA-2025:22842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22842
29
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
30
reference_url https://access.redhat.com/errata/RHSA-2025:22935
reference_id RHSA-2025:22935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22935
31
reference_url https://access.redhat.com/errata/RHSA-2025:23078
reference_id RHSA-2025:23078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23078
32
reference_url https://access.redhat.com/errata/RHSA-2025:23079
reference_id RHSA-2025:23079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23079
33
reference_url https://access.redhat.com/errata/RHSA-2025:23080
reference_id RHSA-2025:23080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23080
34
reference_url https://access.redhat.com/errata/RHSA-2025:23202
reference_id RHSA-2025:23202
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23202
35
reference_url https://access.redhat.com/errata/RHSA-2025:23204
reference_id RHSA-2025:23204
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23204
36
reference_url https://access.redhat.com/errata/RHSA-2025:23205
reference_id RHSA-2025:23205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23205
37
reference_url https://access.redhat.com/errata/RHSA-2025:23209
reference_id RHSA-2025:23209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23209
38
reference_url https://access.redhat.com/errata/RHSA-2025:23227
reference_id RHSA-2025:23227
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23227
39
reference_url https://access.redhat.com/errata/RHSA-2025:23248
reference_id RHSA-2025:23248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23248
40
reference_url https://access.redhat.com/errata/RHSA-2025:23449
reference_id RHSA-2025:23449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23449
41
reference_url https://access.redhat.com/errata/RHSA-2025:23550
reference_id RHSA-2025:23550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23550
42
reference_url https://access.redhat.com/errata/RHSA-2026:0001
reference_id RHSA-2026:0001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0001
43
reference_url https://access.redhat.com/errata/RHSA-2026:0076
reference_id RHSA-2026:0076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0076
44
reference_url https://access.redhat.com/errata/RHSA-2026:0077
reference_id RHSA-2026:0077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0077
45
reference_url https://access.redhat.com/errata/RHSA-2026:0078
reference_id RHSA-2026:0078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0078
46
reference_url https://access.redhat.com/errata/RHSA-2026:0326
reference_id RHSA-2026:0326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0326
47
reference_url https://access.redhat.com/errata/RHSA-2026:0332
reference_id RHSA-2026:0332
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0332
48
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
49
reference_url https://access.redhat.com/errata/RHSA-2026:0420
reference_id RHSA-2026:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0420
50
reference_url https://access.redhat.com/errata/RHSA-2026:0518
reference_id RHSA-2026:0518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0518
51
reference_url https://access.redhat.com/errata/RHSA-2026:0674
reference_id RHSA-2026:0674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0674
52
reference_url https://access.redhat.com/errata/RHSA-2026:0677
reference_id RHSA-2026:0677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0677
53
reference_url https://access.redhat.com/errata/RHSA-2026:0702
reference_id RHSA-2026:0702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0702
54
reference_url https://access.redhat.com/errata/RHSA-2026:0934
reference_id RHSA-2026:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0934
55
reference_url https://access.redhat.com/errata/RHSA-2026:0996
reference_id RHSA-2026:0996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0996
56
reference_url https://access.redhat.com/errata/RHSA-2026:10950
reference_id RHSA-2026:10950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10950
57
reference_url https://access.redhat.com/errata/RHSA-2026:1541
reference_id RHSA-2026:1541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1541
58
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
59
reference_url https://access.redhat.com/errata/RHSA-2026:3407
reference_id RHSA-2026:3407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3407
60
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
61
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
62
reference_url https://access.redhat.com/errata/RHSA-2026:5396
reference_id RHSA-2026:5396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5396
63
reference_url https://usn.ubuntu.com/8022-1/
reference_id USN-8022-1
reference_type
scores
url https://usn.ubuntu.com/8022-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2025-59375
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77y6-jskt-qucb
16
url VCID-8qyy-e4jt-rbc4
vulnerability_id VCID-8qyy-e4jt-rbc4
summary Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4695
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05291
published_at 2026-04-24T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05256
published_at 2026-04-21T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
12
value 0.00021
scoring_system epss
scoring_elements 0.05877
published_at 2026-04-26T12:55:00Z
13
value 0.00021
scoring_system epss
scoring_elements 0.05887
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4695
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450715
reference_id 2450715
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450715
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020030
reference_id show_bug.cgi?id=2020030
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020030
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4695
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qyy-e4jt-rbc4
17
url VCID-8vka-qus2-tbhj
vulnerability_id VCID-8vka-qus2-tbhj
summary Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2447
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03974
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03958
published_at 2026-04-21T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03874
published_at 2026-04-02T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03839
published_at 2026-04-18T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03829
published_at 2026-04-16T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.0385
published_at 2026-04-13T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03877
published_at 2026-04-12T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03896
published_at 2026-04-11T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03927
published_at 2026-04-09T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03884
published_at 2026-04-04T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-08T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.03897
published_at 2026-04-07T12:55:00Z
12
value 0.00019
scoring_system epss
scoring_elements 0.05192
published_at 2026-04-29T12:55:00Z
13
value 0.00019
scoring_system epss
scoring_elements 0.0519
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2447
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
reference_id 1128283
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440219
reference_id 2440219
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440219
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-10
reference_id mfsa2026-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-10
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-10/
reference_id mfsa2026-10
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-10/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-11
reference_id mfsa2026-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-11
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-11/
reference_id mfsa2026-11
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://www.mozilla.org/security/advisories/mfsa2026-11/
10
reference_url https://access.redhat.com/errata/RHSA-2026:3338
reference_id RHSA-2026:3338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3338
11
reference_url https://access.redhat.com/errata/RHSA-2026:3339
reference_id RHSA-2026:3339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3339
12
reference_url https://access.redhat.com/errata/RHSA-2026:3361
reference_id RHSA-2026:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3361
13
reference_url https://access.redhat.com/errata/RHSA-2026:3491
reference_id RHSA-2026:3491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3491
14
reference_url https://access.redhat.com/errata/RHSA-2026:3492
reference_id RHSA-2026:3492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3492
15
reference_url https://access.redhat.com/errata/RHSA-2026:3493
reference_id RHSA-2026:3493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3493
16
reference_url https://access.redhat.com/errata/RHSA-2026:3494
reference_id RHSA-2026:3494
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3494
17
reference_url https://access.redhat.com/errata/RHSA-2026:3495
reference_id RHSA-2026:3495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3495
18
reference_url https://access.redhat.com/errata/RHSA-2026:3496
reference_id RHSA-2026:3496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3496
19
reference_url https://access.redhat.com/errata/RHSA-2026:3497
reference_id RHSA-2026:3497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3497
20
reference_url https://access.redhat.com/errata/RHSA-2026:3515
reference_id RHSA-2026:3515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3515
21
reference_url https://access.redhat.com/errata/RHSA-2026:3516
reference_id RHSA-2026:3516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3516
22
reference_url https://access.redhat.com/errata/RHSA-2026:3517
reference_id RHSA-2026:3517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3517
23
reference_url https://access.redhat.com/errata/RHSA-2026:3967
reference_id RHSA-2026:3967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3967
24
reference_url https://access.redhat.com/errata/RHSA-2026:3976
reference_id RHSA-2026:3976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3976
25
reference_url https://access.redhat.com/errata/RHSA-2026:3978
reference_id RHSA-2026:3978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3978
26
reference_url https://access.redhat.com/errata/RHSA-2026:3979
reference_id RHSA-2026:3979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3979
27
reference_url https://access.redhat.com/errata/RHSA-2026:3980
reference_id RHSA-2026:3980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3980
28
reference_url https://access.redhat.com/errata/RHSA-2026:3981
reference_id RHSA-2026:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3981
29
reference_url https://access.redhat.com/errata/RHSA-2026:3982
reference_id RHSA-2026:3982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3982
30
reference_url https://access.redhat.com/errata/RHSA-2026:3983
reference_id RHSA-2026:3983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3983
31
reference_url https://access.redhat.com/errata/RHSA-2026:3984
reference_id RHSA-2026:3984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3984
32
reference_url https://access.redhat.com/errata/RHSA-2026:4022
reference_id RHSA-2026:4022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4022
33
reference_url https://access.redhat.com/errata/RHSA-2026:4152
reference_id RHSA-2026:4152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4152
34
reference_url https://access.redhat.com/errata/RHSA-2026:4260
reference_id RHSA-2026:4260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4260
35
reference_url https://access.redhat.com/errata/RHSA-2026:4432
reference_id RHSA-2026:4432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4432
36
reference_url https://access.redhat.com/errata/RHSA-2026:4447
reference_id RHSA-2026:4447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4447
37
reference_url https://access.redhat.com/errata/RHSA-2026:4629
reference_id RHSA-2026:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4629
38
reference_url https://access.redhat.com/errata/RHSA-2026:5227
reference_id RHSA-2026:5227
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5227
39
reference_url https://access.redhat.com/errata/RHSA-2026:5228
reference_id RHSA-2026:5228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5228
40
reference_url https://access.redhat.com/errata/RHSA-2026:5229
reference_id RHSA-2026:5229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5229
41
reference_url https://access.redhat.com/errata/RHSA-2026:5230
reference_id RHSA-2026:5230
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5230
42
reference_url https://access.redhat.com/errata/RHSA-2026:5231
reference_id RHSA-2026:5231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5231
43
reference_url https://access.redhat.com/errata/RHSA-2026:5319
reference_id RHSA-2026:5319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5319
44
reference_url https://access.redhat.com/errata/RHSA-2026:5320
reference_id RHSA-2026:5320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5320
45
reference_url https://access.redhat.com/errata/RHSA-2026:5323
reference_id RHSA-2026:5323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5323
46
reference_url https://access.redhat.com/errata/RHSA-2026:5324
reference_id RHSA-2026:5324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5324
47
reference_url https://access.redhat.com/errata/RHSA-2026:5326
reference_id RHSA-2026:5326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5326
48
reference_url https://access.redhat.com/errata/RHSA-2026:8746
reference_id RHSA-2026:8746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8746
49
reference_url https://access.redhat.com/errata/RHSA-2026:8747
reference_id RHSA-2026:8747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8747
50
reference_url https://access.redhat.com/errata/RHSA-2026:8748
reference_id RHSA-2026:8748
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8748
51
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014390
reference_id show_bug.cgi?id=2014390
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014390
52
reference_url https://usn.ubuntu.com/8053-1/
reference_id USN-8053-1
reference_type
scores
url https://usn.ubuntu.com/8053-1/
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-2447
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vka-qus2-tbhj
18
url VCID-8xek-k5y2-6bfp
vulnerability_id VCID-8xek-k5y2-6bfp
summary Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4689
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07573
published_at 2026-04-07T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07548
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07623
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07637
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0765
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07649
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07632
published_at 2026-04-08T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07598
published_at 2026-04-04T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07556
published_at 2026-04-02T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07624
published_at 2026-04-24T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07676
published_at 2026-04-21T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07536
published_at 2026-04-18T12:55:00Z
12
value 0.0003
scoring_system epss
scoring_elements 0.08368
published_at 2026-04-29T12:55:00Z
13
value 0.0003
scoring_system epss
scoring_elements 0.08401
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4689
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450718
reference_id 2450718
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450718
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016374
reference_id show_bug.cgi?id=2016374
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016374
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4689
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xek-k5y2-6bfp
19
url VCID-9ag7-z86d-nba9
vulnerability_id VCID-9ag7-z86d-nba9
summary Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5734
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13903
published_at 2026-04-08T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13955
published_at 2026-04-09T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13912
published_at 2026-04-11T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13876
published_at 2026-04-12T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18602
published_at 2026-04-13T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18556
published_at 2026-04-18T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18413
published_at 2026-04-29T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18456
published_at 2026-04-26T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18471
published_at 2026-04-24T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18576
published_at 2026-04-21T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18547
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5734
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455897
reference_id 2455897
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455897
5
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
reference_id buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
13
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
14
reference_url https://access.redhat.com/errata/RHSA-2026:11805
reference_id RHSA-2026:11805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11805
15
reference_url https://access.redhat.com/errata/RHSA-2026:11813
reference_id RHSA-2026:11813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11813
16
reference_url https://access.redhat.com/errata/RHSA-2026:12264
reference_id RHSA-2026:12264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12264
17
reference_url https://access.redhat.com/errata/RHSA-2026:13342
reference_id RHSA-2026:13342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13342
18
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
19
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
20
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
21
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
22
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
23
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
2
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-5734
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ag7-z86d-nba9
20
url VCID-b4bq-q3ga-3ff1
vulnerability_id VCID-b4bq-q3ga-3ff1
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4707
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03727
published_at 2026-04-21T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03554
published_at 2026-04-24T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04339
published_at 2026-04-29T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04305
published_at 2026-04-26T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
12
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
13
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4707
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450755
reference_id 2450755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450755
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015267
reference_id show_bug.cgi?id=2015267
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015267
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4707
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4bq-q3ga-3ff1
21
url VCID-b6sf-z5tm-4uau
vulnerability_id VCID-b6sf-z5tm-4uau
summary Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4696
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07468
published_at 2026-04-07T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07449
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07524
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07537
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07551
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07549
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-08T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07487
published_at 2026-04-04T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07448
published_at 2026-04-02T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07529
published_at 2026-04-24T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07567
published_at 2026-04-21T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07439
published_at 2026-04-18T12:55:00Z
12
value 0.00029
scoring_system epss
scoring_elements 0.08267
published_at 2026-04-29T12:55:00Z
13
value 0.00029
scoring_system epss
scoring_elements 0.08301
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4696
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450740
reference_id 2450740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450740
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020190
reference_id show_bug.cgi?id=2020190
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020190
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4696
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6sf-z5tm-4uau
22
url VCID-e2k8-m9sm-8uek
vulnerability_id VCID-e2k8-m9sm-8uek
summary Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4699
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
12
value 0.00026
scoring_system epss
scoring_elements 0.07118
published_at 2026-04-29T12:55:00Z
13
value 0.00026
scoring_system epss
scoring_elements 0.07159
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4699
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450739
reference_id 2450739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450739
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021863
reference_id show_bug.cgi?id=2021863
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021863
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4699
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2k8-m9sm-8uek
23
url VCID-ft6u-geds-fua9
vulnerability_id VCID-ft6u-geds-fua9
summary JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4702
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.06869
published_at 2026-04-26T12:55:00Z
13
value 0.00025
scoring_system epss
scoring_elements 0.06843
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4702
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450744
reference_id 2450744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450744
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2013560
reference_id show_bug.cgi?id=2013560
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2013560
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4702
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft6u-geds-fua9
24
url VCID-gkva-6cu9-7keg
vulnerability_id VCID-gkva-6cu9-7keg
summary Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4692
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06982
published_at 2026-04-07T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06995
published_at 2026-04-16T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07055
published_at 2026-04-13T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07064
published_at 2026-04-12T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.07075
published_at 2026-04-24T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.07068
published_at 2026-04-09T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.07037
published_at 2026-04-08T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.07002
published_at 2026-04-04T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06948
published_at 2026-04-02T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.07112
published_at 2026-04-21T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.0698
published_at 2026-04-18T12:55:00Z
11
value 0.00028
scoring_system epss
scoring_elements 0.07769
published_at 2026-04-29T12:55:00Z
12
value 0.00028
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4692
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450748
reference_id 2450748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450748
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017643
reference_id show_bug.cgi?id=2017643
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017643
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4692
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkva-6cu9-7keg
25
url VCID-hshc-4xnc-gug4
vulnerability_id VCID-hshc-4xnc-gug4
summary Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4704
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05291
published_at 2026-04-24T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05256
published_at 2026-04-21T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
12
value 0.00021
scoring_system epss
scoring_elements 0.05877
published_at 2026-04-26T12:55:00Z
13
value 0.00021
scoring_system epss
scoring_elements 0.05887
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4704
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450756
reference_id 2450756
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450756
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014868
reference_id show_bug.cgi?id=2014868
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014868
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4704
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hshc-4xnc-gug4
26
url VCID-hstd-23qm-bqdg
vulnerability_id VCID-hstd-23qm-bqdg
summary Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4717
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.06869
published_at 2026-04-26T12:55:00Z
13
value 0.00025
scoring_system epss
scoring_elements 0.06843
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4717
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450712
reference_id 2450712
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450712
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2021695
reference_id show_bug.cgi?id=2021695
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2021695
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4717
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hstd-23qm-bqdg
27
url VCID-j1hb-8jjy-tqgq
vulnerability_id VCID-j1hb-8jjy-tqgq
summary Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4693
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
12
value 0.00026
scoring_system epss
scoring_elements 0.07118
published_at 2026-04-29T12:55:00Z
13
value 0.00026
scoring_system epss
scoring_elements 0.07159
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450741
reference_id 2450741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450741
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018102
reference_id show_bug.cgi?id=2018102
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018102
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4693
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1hb-8jjy-tqgq
28
url VCID-kuwd-6tcg-fuha
vulnerability_id VCID-kuwd-6tcg-fuha
summary Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4713
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.05996
published_at 2026-04-26T12:55:00Z
13
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4713
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450730
reference_id 2450730
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450730
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018113
reference_id show_bug.cgi?id=2018113
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018113
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4713
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwd-6tcg-fuha
29
url VCID-m6uv-91wz-xfdv
vulnerability_id VCID-m6uv-91wz-xfdv
summary Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4700
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05901
published_at 2026-04-07T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-13T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-12T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05959
published_at 2026-04-11T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05978
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.0591
published_at 2026-04-04T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05939
published_at 2026-04-08T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05877
published_at 2026-04-02T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.06091
published_at 2026-04-24T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.06069
published_at 2026-04-21T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05916
published_at 2026-04-18T12:55:00Z
11
value 0.00022
scoring_system epss
scoring_elements 0.05905
published_at 2026-04-16T12:55:00Z
12
value 0.00024
scoring_system epss
scoring_elements 0.06612
published_at 2026-04-26T12:55:00Z
13
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4700
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450752
reference_id 2450752
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450752
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2003766
reference_id show_bug.cgi?id=2003766
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2003766
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4700
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6uv-91wz-xfdv
30
url VCID-mm6w-kpe8-4kg3
vulnerability_id VCID-mm6w-kpe8-4kg3
summary Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4684
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.02861
published_at 2026-04-07T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.02814
published_at 2026-04-16T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.0283
published_at 2026-04-13T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.02835
published_at 2026-04-12T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.02854
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.02884
published_at 2026-04-09T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02863
published_at 2026-04-08T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02853
published_at 2026-04-04T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02837
published_at 2026-04-02T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.02935
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.02941
published_at 2026-04-21T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.02825
published_at 2026-04-18T12:55:00Z
12
value 0.00016
scoring_system epss
scoring_elements 0.03669
published_at 2026-04-29T12:55:00Z
13
value 0.00016
scoring_system epss
scoring_elements 0.03623
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4684
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450721
reference_id 2450721
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450721
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2011129
reference_id show_bug.cgi?id=2011129
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2011129
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4684
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mm6w-kpe8-4kg3
31
url VCID-nvsz-9s3r-nbhq
vulnerability_id VCID-nvsz-9s3r-nbhq
summary Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4718
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01692
published_at 2026-04-04T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01665
published_at 2026-04-16T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01676
published_at 2026-04-13T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01686
published_at 2026-04-11T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01701
published_at 2026-04-09T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01693
published_at 2026-04-08T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01691
published_at 2026-04-07T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01683
published_at 2026-04-02T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01768
published_at 2026-04-24T12:55:00Z
9
value 0.00012
scoring_system epss
scoring_elements 0.01757
published_at 2026-04-21T12:55:00Z
10
value 0.00012
scoring_system epss
scoring_elements 0.01668
published_at 2026-04-18T12:55:00Z
11
value 0.00013
scoring_system epss
scoring_elements 0.02185
published_at 2026-04-26T12:55:00Z
12
value 0.00013
scoring_system epss
scoring_elements 0.02218
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4718
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450742
reference_id 2450742
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450742
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2014864
reference_id show_bug.cgi?id=2014864
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2014864
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4718
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvsz-9s3r-nbhq
32
url VCID-qbzp-euvv-q7c7
vulnerability_id VCID-qbzp-euvv-q7c7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5732
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11778
published_at 2026-04-09T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.1175
published_at 2026-04-12T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11723
published_at 2026-04-08T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11789
published_at 2026-04-11T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12843
published_at 2026-04-21T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.12862
published_at 2026-04-24T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12742
published_at 2026-04-18T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12738
published_at 2026-04-16T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12835
published_at 2026-04-13T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.12717
published_at 2026-04-29T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12824
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5732
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455908
reference_id 2455908
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455908
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
reference_id mfsa2026-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-25
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-25/
reference_id mfsa2026-25
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-25/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
reference_id mfsa2026-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-27
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-27/
reference_id mfsa2026-27
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-27/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
reference_id mfsa2026-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-28
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-28/
reference_id mfsa2026-28
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-28/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
reference_id mfsa2026-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-29
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-29/
reference_id mfsa2026-29
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-29/
13
reference_url https://access.redhat.com/errata/RHSA-2026:11805
reference_id RHSA-2026:11805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11805
14
reference_url https://access.redhat.com/errata/RHSA-2026:11813
reference_id RHSA-2026:11813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11813
15
reference_url https://access.redhat.com/errata/RHSA-2026:12264
reference_id RHSA-2026:12264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12264
16
reference_url https://access.redhat.com/errata/RHSA-2026:13342
reference_id RHSA-2026:13342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13342
17
reference_url https://access.redhat.com/errata/RHSA-2026:7671
reference_id RHSA-2026:7671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7671
18
reference_url https://access.redhat.com/errata/RHSA-2026:7672
reference_id RHSA-2026:7672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7672
19
reference_url https://access.redhat.com/errata/RHSA-2026:8052
reference_id RHSA-2026:8052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8052
20
reference_url https://access.redhat.com/errata/RHSA-2026:8459
reference_id RHSA-2026:8459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8459
21
reference_url https://access.redhat.com/errata/RHSA-2026:9345
reference_id RHSA-2026:9345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9345
22
reference_url https://access.redhat.com/errata/RHSA-2026:9638
reference_id RHSA-2026:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9638
23
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
reference_id show_bug.cgi?id=2017867
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1
2
url pkg:deb/debian/thunderbird@1:140.10.0esr-1
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1
aliases CVE-2026-5732
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbzp-euvv-q7c7
33
url VCID-qkks-24cp-gqg2
vulnerability_id VCID-qkks-24cp-gqg2
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4706
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
12
value 0.00026
scoring_system epss
scoring_elements 0.07118
published_at 2026-04-29T12:55:00Z
13
value 0.00026
scoring_system epss
scoring_elements 0.07159
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4706
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450714
reference_id 2450714
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450714
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015091
reference_id show_bug.cgi?id=2015091
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015091
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4706
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkks-24cp-gqg2
34
url VCID-rp5h-ym8y-skbw
vulnerability_id VCID-rp5h-ym8y-skbw
summary Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4701
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.06869
published_at 2026-04-26T12:55:00Z
13
value 0.00025
scoring_system epss
scoring_elements 0.06843
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4701
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450710
reference_id 2450710
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450710
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2009303
reference_id show_bug.cgi?id=2009303
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2009303
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4701
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp5h-ym8y-skbw
35
url VCID-t4t3-5pt5-ayds
vulnerability_id VCID-t4t3-5pt5-ayds
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4685
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
12
value 0.00026
scoring_system epss
scoring_elements 0.07118
published_at 2026-04-29T12:55:00Z
13
value 0.00026
scoring_system epss
scoring_elements 0.07159
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4685
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450724
reference_id 2450724
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450724
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016349
reference_id show_bug.cgi?id=2016349
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016349
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4685
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t3-5pt5-ayds
36
url VCID-u3j3-fc4f-7ff7
vulnerability_id VCID-u3j3-fc4f-7ff7
summary Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4686
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.0628
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06281
published_at 2026-04-16T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06343
published_at 2026-04-13T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06354
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06359
published_at 2026-04-11T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06366
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06326
published_at 2026-04-08T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06303
published_at 2026-04-04T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06458
published_at 2026-04-24T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06443
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06294
published_at 2026-04-18T12:55:00Z
12
value 0.00026
scoring_system epss
scoring_elements 0.07118
published_at 2026-04-29T12:55:00Z
13
value 0.00026
scoring_system epss
scoring_elements 0.07159
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4686
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450734
reference_id 2450734
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450734
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016351
reference_id show_bug.cgi?id=2016351
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016351
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4686
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3j3-fc4f-7ff7
37
url VCID-wmyy-2cg3-wyhc
vulnerability_id VCID-wmyy-2cg3-wyhc
summary Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4697
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05164
published_at 2026-04-07T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-13T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-12T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05184
published_at 2026-04-11T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05214
published_at 2026-04-09T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05142
published_at 2026-04-04T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-08T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05113
published_at 2026-04-02T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05291
published_at 2026-04-24T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05256
published_at 2026-04-21T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-18T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05098
published_at 2026-04-16T12:55:00Z
12
value 0.00021
scoring_system epss
scoring_elements 0.05877
published_at 2026-04-26T12:55:00Z
13
value 0.00021
scoring_system epss
scoring_elements 0.05887
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4697
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450729
reference_id 2450729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450729
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020422
reference_id show_bug.cgi?id=2020422
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020422
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4697
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wmyy-2cg3-wyhc
38
url VCID-wqw2-gjvu-6qbu
vulnerability_id VCID-wqw2-gjvu-6qbu
summary Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4690
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03218
published_at 2026-04-21T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03055
published_at 2026-04-24T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.038
published_at 2026-04-29T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03754
published_at 2026-04-26T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.0554
published_at 2026-04-08T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05518
published_at 2026-04-13T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05525
published_at 2026-04-12T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05537
published_at 2026-04-11T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05562
published_at 2026-04-09T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05504
published_at 2026-04-07T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05469
published_at 2026-04-16T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05479
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450732
reference_id 2450732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450732
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016375
reference_id show_bug.cgi?id=2016375
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016375
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4690
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqw2-gjvu-6qbu
39
url VCID-wvx2-pba2-sqha
vulnerability_id VCID-wvx2-pba2-sqha
summary Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4708
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05324
published_at 2026-04-07T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05326
published_at 2026-04-13T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05337
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05349
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05381
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05298
published_at 2026-04-04T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05357
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05265
published_at 2026-04-02T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05466
published_at 2026-04-24T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05425
published_at 2026-04-21T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05276
published_at 2026-04-18T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05274
published_at 2026-04-16T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.05996
published_at 2026-04-26T12:55:00Z
13
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4708
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450735
reference_id 2450735
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450735
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2015268
reference_id show_bug.cgi?id=2015268
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2015268
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4708
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvx2-pba2-sqha
40
url VCID-yjc2-2whn-uug5
vulnerability_id VCID-yjc2-2whn-uug5
summary Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4694
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05434
published_at 2026-04-07T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.054
published_at 2026-04-18T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05442
published_at 2026-04-13T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05448
published_at 2026-04-12T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05462
published_at 2026-04-11T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.0549
published_at 2026-04-09T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05469
published_at 2026-04-08T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05426
published_at 2026-04-04T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05393
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05601
published_at 2026-04-24T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05569
published_at 2026-04-21T12:55:00Z
11
value 0.00022
scoring_system epss
scoring_elements 0.06143
published_at 2026-04-29T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.06135
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4694
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450747
reference_id 2450747
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450747
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
reference_id mfsa2026-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-21
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-21/
reference_id mfsa2026-21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-21/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
14
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
15
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
16
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
17
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
18
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
19
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
20
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
21
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
22
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
23
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
24
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
25
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
26
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
27
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
28
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
29
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
30
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
31
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
32
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
33
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
34
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
35
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
36
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
37
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
38
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
39
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
40
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2018430
reference_id show_bug.cgi?id=2018430
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2018430
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4694
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjc2-2whn-uug5
41
url VCID-ymak-rv52-h7a5
vulnerability_id VCID-ymak-rv52-h7a5
summary Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4710
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06239
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
12
value 0.00025
scoring_system epss
scoring_elements 0.06869
published_at 2026-04-26T12:55:00Z
13
value 0.00025
scoring_system epss
scoring_elements 0.06843
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4710
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450727
reference_id 2450727
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450727
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
10
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
12
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
13
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
14
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
15
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
16
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
17
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
18
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
19
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
20
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
21
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
22
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
23
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
24
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
25
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
26
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
27
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
28
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
29
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
30
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
31
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
32
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
33
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
34
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
35
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
36
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
37
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
38
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016370
reference_id show_bug.cgi?id=2016370
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016370
fixed_packages
0
url pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-5dw5-vpt8-zqbz
4
vulnerability VCID-61r1-arbe-dke4
5
vulnerability VCID-7jt2-zr49-7ye5
6
vulnerability VCID-95et-ezmb-buau
7
vulnerability VCID-9ag7-z86d-nba9
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-q689-wneh-hbdq
21
vulnerability VCID-q8qp-5szp-mfe8
22
vulnerability VCID-qbzp-euvv-q7c7
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-w98r-yagc-kkec
26
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1~deb12u1
1
url pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1
aliases CVE-2026-4710
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymak-rv52-h7a5
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1~deb12u1