| 0 |
| url |
VCID-13he-qsr4-h3d4 |
| vulnerability_id |
VCID-13he-qsr4-h3d4 |
| summary |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4709 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06438 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0629 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06339 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0635 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06355 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06266 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06362 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06322 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.063 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06276 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4709 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4709
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-13he-qsr4-h3d4 |
|
| 1 |
| url |
VCID-15j8-br8z-juf3 |
| vulnerability_id |
VCID-15j8-br8z-juf3 |
| summary |
Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-3889 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07556 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07541 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07479 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.0746 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07518 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07437 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07427 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07515 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07528 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07542 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-3889 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-3889
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-15j8-br8z-juf3 |
|
| 2 |
| url |
VCID-1fv1-edht-ufag |
| vulnerability_id |
VCID-1fv1-edht-ufag |
| summary |
Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4715 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4715 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4715
|
| risk_score |
4.1 |
| exploitability |
0.5 |
| weighted_severity |
8.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1fv1-edht-ufag |
|
| 3 |
| url |
VCID-23eu-22t2-cydd |
| vulnerability_id |
VCID-23eu-22t2-cydd |
| summary |
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4714 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05425 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05276 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05324 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05349 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05381 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05357 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05298 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05274 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05326 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05337 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4714 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4714
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-23eu-22t2-cydd |
|
| 4 |
| url |
VCID-26d3-ctnj-7kbh |
| vulnerability_id |
VCID-26d3-ctnj-7kbh |
| summary |
Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4691 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10185 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10054 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10092 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10223 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10264 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10228 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10167 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10196 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10131 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10076 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10204 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4691 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4691
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-26d3-ctnj-7kbh |
|
| 5 |
| url |
VCID-289s-f2w6-53g9 |
| vulnerability_id |
VCID-289s-f2w6-53g9 |
| summary |
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4716 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4716 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4716
|
| risk_score |
4.1 |
| exploitability |
0.5 |
| weighted_severity |
8.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-289s-f2w6-53g9 |
|
| 6 |
| url |
VCID-351y-4nek-u3aw |
| vulnerability_id |
VCID-351y-4nek-u3aw |
| summary |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4698 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07439 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07468 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07524 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07537 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07551 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07549 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07527 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07487 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07448 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07449 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12851 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4698 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4698
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-351y-4nek-u3aw |
|
| 7 |
| url |
VCID-3grf-hwk1-3fh8 |
| vulnerability_id |
VCID-3grf-hwk1-3fh8 |
| summary |
Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4719 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05425 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05276 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05324 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05349 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05381 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05357 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05298 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05274 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05326 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05337 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4719 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4719
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3grf-hwk1-3fh8 |
|
| 8 |
| url |
VCID-3kd3-hwzv-efbn |
| vulnerability_id |
VCID-3kd3-hwzv-efbn |
| summary |
Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4721 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06333 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06184 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06155 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06223 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06228 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06237 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06198 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06172 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06141 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06213 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4721 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4721
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3kd3-hwzv-efbn |
|
| 9 |
| url |
VCID-3xgu-7evz-mffw |
| vulnerability_id |
VCID-3xgu-7evz-mffw |
| summary |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4705 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05737 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05579 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05592 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05629 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05656 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.0563 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05594 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05557 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05565 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05614 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.0562 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4705 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4705
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3xgu-7evz-mffw |
|
| 10 |
| url |
VCID-4q6w-tdk9-d3an |
| vulnerability_id |
VCID-4q6w-tdk9-d3an |
| summary |
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4720 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4720 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4720
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4q6w-tdk9-d3an |
|
| 11 |
| url |
VCID-646f-ndeq-5bee |
| vulnerability_id |
VCID-646f-ndeq-5bee |
| summary |
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4687 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06543 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06394 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06376 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06454 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06461 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06468 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06425 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06388 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06357 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06385 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06444 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4687 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4687
|
| risk_score |
4.3 |
| exploitability |
0.5 |
| weighted_severity |
8.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-646f-ndeq-5bee |
|
| 12 |
| url |
VCID-675n-7uzz-pqdj |
| vulnerability_id |
VCID-675n-7uzz-pqdj |
| summary |
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4688 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05519 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05357 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05385 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05422 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05449 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05426 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05392 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05355 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05354 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05401 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05409 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4688 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4688
|
| risk_score |
4.3 |
| exploitability |
0.5 |
| weighted_severity |
8.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-675n-7uzz-pqdj |
|
| 13 |
| url |
VCID-6mur-mtfg-97gt |
| vulnerability_id |
VCID-6mur-mtfg-97gt |
| summary |
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4371 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17548 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.1764 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.1749 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17579 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17659 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17716 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17514 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17505 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.1756 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17612 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00056 |
| scoring_system |
epss |
| scoring_elements |
0.17763 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4371 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4371
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6mur-mtfg-97gt |
|
| 14 |
| url |
VCID-77y6-jskt-qucb |
| vulnerability_id |
VCID-77y6-jskt-qucb |
| summary |
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-59375 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12206 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.15871 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.15748 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.15663 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.15808 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00051 |
| scoring_system |
epss |
| scoring_elements |
0.15811 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18262 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18121 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18108 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18164 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18215 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-59375 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
|
| 56 |
|
| 57 |
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-59375
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-77y6-jskt-qucb |
|
| 15 |
| url |
VCID-8qyy-e4jt-rbc4 |
| vulnerability_id |
VCID-8qyy-e4jt-rbc4 |
| summary |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4695 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05256 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05103 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05164 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05184 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05214 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05197 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05142 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05113 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05098 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05154 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05168 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4695 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4695
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8qyy-e4jt-rbc4 |
|
| 16 |
| url |
VCID-8xek-k5y2-6bfp |
| vulnerability_id |
VCID-8xek-k5y2-6bfp |
| summary |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4689 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07676 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07536 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07598 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07637 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.0765 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07649 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07632 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07573 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07556 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07548 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07623 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4689 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4689
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8xek-k5y2-6bfp |
|
| 17 |
| url |
VCID-b4bq-q3ga-3ff1 |
| vulnerability_id |
VCID-b4bq-q3ga-3ff1 |
| summary |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4707 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03727 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0628 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06294 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06354 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06359 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06366 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06326 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06303 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06269 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06343 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4707 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4707
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b4bq-q3ga-3ff1 |
|
| 18 |
| url |
VCID-b6sf-z5tm-4uau |
| vulnerability_id |
VCID-b6sf-z5tm-4uau |
| summary |
Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4696 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07567 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07439 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07468 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07537 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07551 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07549 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07527 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07487 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07448 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07449 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00027 |
| scoring_system |
epss |
| scoring_elements |
0.07524 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4696 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4696
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b6sf-z5tm-4uau |
|
| 19 |
| url |
VCID-e2k8-m9sm-8uek |
| vulnerability_id |
VCID-e2k8-m9sm-8uek |
| summary |
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4699 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06443 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06294 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0628 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06354 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06359 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06366 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06326 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06303 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06269 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06343 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4699 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4699
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e2k8-m9sm-8uek |
|
| 20 |
| url |
VCID-ft6u-geds-fua9 |
| vulnerability_id |
VCID-ft6u-geds-fua9 |
| summary |
JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4702 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4702 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4702
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ft6u-geds-fua9 |
|
| 21 |
| url |
VCID-gkva-6cu9-7keg |
| vulnerability_id |
VCID-gkva-6cu9-7keg |
| summary |
Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4692 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.07112 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.0698 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06982 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.07064 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.07075 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.07068 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.07037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.07002 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06948 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06995 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.07055 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4692 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4692
|
| risk_score |
4.3 |
| exploitability |
0.5 |
| weighted_severity |
8.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gkva-6cu9-7keg |
|
| 22 |
| url |
VCID-hshc-4xnc-gug4 |
| vulnerability_id |
VCID-hshc-4xnc-gug4 |
| summary |
Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4704 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05256 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05103 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05164 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05184 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05214 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05197 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05142 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05113 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05098 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05154 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05168 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4704 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4704
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hshc-4xnc-gug4 |
|
| 23 |
| url |
VCID-hstd-23qm-bqdg |
| vulnerability_id |
VCID-hstd-23qm-bqdg |
| summary |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4717 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4717 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4717
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hstd-23qm-bqdg |
|
| 24 |
| url |
VCID-j1hb-8jjy-tqgq |
| vulnerability_id |
VCID-j1hb-8jjy-tqgq |
| summary |
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4693 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06443 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06294 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0628 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06354 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06359 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06366 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06326 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06303 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06269 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06343 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4693 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4693
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j1hb-8jjy-tqgq |
|
| 25 |
| url |
VCID-kuwd-6tcg-fuha |
| vulnerability_id |
VCID-kuwd-6tcg-fuha |
| summary |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4713 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05425 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05276 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05324 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05349 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05381 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05357 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05298 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05274 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05326 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05337 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4713 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4713
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwd-6tcg-fuha |
|
| 26 |
| url |
VCID-m6uv-91wz-xfdv |
| vulnerability_id |
VCID-m6uv-91wz-xfdv |
| summary |
Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4700 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06069 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05916 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05901 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05959 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05978 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05939 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.0591 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05877 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05905 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.0594 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.0595 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4700 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4700
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m6uv-91wz-xfdv |
|
| 27 |
| url |
VCID-mm6w-kpe8-4kg3 |
| vulnerability_id |
VCID-mm6w-kpe8-4kg3 |
| summary |
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4684 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02941 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02825 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02853 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02835 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02854 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02884 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02863 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02861 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02837 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.02814 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.0283 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4684 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4684
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mm6w-kpe8-4kg3 |
|
| 28 |
| url |
VCID-nvsz-9s3r-nbhq |
| vulnerability_id |
VCID-nvsz-9s3r-nbhq |
| summary |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4718 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01757 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01668 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01692 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01686 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01701 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01693 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01691 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01683 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01665 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01676 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4718 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4718
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nvsz-9s3r-nbhq |
|
| 29 |
| url |
VCID-qkks-24cp-gqg2 |
| vulnerability_id |
VCID-qkks-24cp-gqg2 |
| summary |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4706 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06443 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06294 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06303 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06354 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06359 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06366 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06326 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0628 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06269 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06343 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4706 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4706
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qkks-24cp-gqg2 |
|
| 30 |
| url |
VCID-rp5h-ym8y-skbw |
| vulnerability_id |
VCID-rp5h-ym8y-skbw |
| summary |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4701 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4701 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4701
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rp5h-ym8y-skbw |
|
| 31 |
| url |
VCID-t4t3-5pt5-ayds |
| vulnerability_id |
VCID-t4t3-5pt5-ayds |
| summary |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4685 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06443 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06294 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0628 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06354 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06359 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06366 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06326 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06303 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06269 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06343 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4685 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4685
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t4t3-5pt5-ayds |
|
| 32 |
| url |
VCID-u3j3-fc4f-7ff7 |
| vulnerability_id |
VCID-u3j3-fc4f-7ff7 |
| summary |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4686 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06443 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06294 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.0628 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06354 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06359 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06366 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06326 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06303 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06269 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06281 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00024 |
| scoring_system |
epss |
| scoring_elements |
0.06343 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4686 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4686
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u3j3-fc4f-7ff7 |
|
| 33 |
| url |
VCID-wmyy-2cg3-wyhc |
| vulnerability_id |
VCID-wmyy-2cg3-wyhc |
| summary |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4697 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05256 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05103 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05164 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05184 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05214 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05197 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05142 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05113 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05098 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05154 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05168 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4697 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4697
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wmyy-2cg3-wyhc |
|
| 34 |
| url |
VCID-wqw2-gjvu-6qbu |
| vulnerability_id |
VCID-wqw2-gjvu-6qbu |
| summary |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4690 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03218 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.0554 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05479 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05518 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05525 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05537 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05562 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05504 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00021 |
| scoring_system |
epss |
| scoring_elements |
0.05469 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4690 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4690
|
| risk_score |
4.3 |
| exploitability |
0.5 |
| weighted_severity |
8.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wqw2-gjvu-6qbu |
|
| 35 |
| url |
VCID-wvx2-pba2-sqha |
| vulnerability_id |
VCID-wvx2-pba2-sqha |
| summary |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4708 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05425 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05276 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05324 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05349 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05381 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05357 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05298 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05274 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05326 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05337 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4708 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4708
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wvx2-pba2-sqha |
|
| 36 |
| url |
VCID-yjc2-2whn-uug5 |
| vulnerability_id |
VCID-yjc2-2whn-uug5 |
| summary |
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4694 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05569 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.054 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05442 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05448 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05462 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05393 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.0549 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05469 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05434 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.0002 |
| scoring_system |
epss |
| scoring_elements |
0.05426 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4694 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4694
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yjc2-2whn-uug5 |
|
| 37 |
| url |
VCID-ymak-rv52-h7a5 |
| vulnerability_id |
VCID-ymak-rv52-h7a5 |
| summary |
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4710 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4710 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4710
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ymak-rv52-h7a5 |
|