| purl | pkg:deb/debian/thunderbird@1:115.16.0esr-1~deb12u1 |
| Next non-vulnerable version | 1:140.9.0esr-1~deb12u1 |
| Latest non-vulnerable version | 1:140.9.0esr-1~deb12u1 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-13he-qsr4-h3d4
Aliases: CVE-2026-4709 |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-15j8-br8z-juf3
Aliases: CVE-2026-3889 |
Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-18my-61hh-n3gb
Aliases: CVE-2025-1934 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-1fv1-edht-ufag
Aliases: CVE-2026-4715 |
Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-1hay-xe3q-gyb4
Aliases: CVE-2026-2789 |
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-1jqj-tqfp-73f7
Aliases: CVE-2025-14325 |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-1u8u-pnq3-t7ae
Aliases: CVE-2026-2757 |
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-1v2s-g46y-ybdc
Aliases: CVE-2026-2792 |
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 39 other vulnerabilities. |
|
VCID-1xcg-n9k4-tqc4
Aliases: CVE-2025-1011 |
A bug in WebAssembly code generation could have led to a crash. It may have been possible for an attacker to leverage this to achieve code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-1zf8-qjts-9fbc
Aliases: CVE-2024-11704 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-23eu-22t2-cydd
Aliases: CVE-2026-4714 |
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-26d3-ctnj-7kbh
Aliases: CVE-2026-4691 |
Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-289s-f2w6-53g9
Aliases: CVE-2026-4716 |
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-2ejc-7bd5-qkbf
Aliases: CVE-2025-3028 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-351y-4nek-u3aw
Aliases: CVE-2026-4698 |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-3gmj-y8qd-ufej
Aliases: CVE-2026-2787 |
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-3grf-hwk1-3fh8
Aliases: CVE-2026-4719 |
Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-3kd3-hwzv-efbn
Aliases: CVE-2026-4721 |
Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 0 other vulnerabilities. |
|
VCID-3qfb-sxha-v3cw
Aliases: CVE-2025-10529 |
Same-origin policy bypass in the Layout component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. |
Affected by 90 other vulnerabilities. |
|
VCID-3sg3-9yx7-fufa
Aliases: CVE-2026-2790 |
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-3xgu-7evz-mffw
Aliases: CVE-2026-4705 |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-43nm-4qjy-vfgj
Aliases: CVE-2025-8028 |
On arm64, a WASM br_table instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. |
Affected by 90 other vulnerabilities. |
|
VCID-4bw1-v6ze-kbds
Aliases: CVE-2025-13018 |
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-4byg-5gy3-kkff
Aliases: CVE-2025-8031 |
The username:password part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. |
Affected by 90 other vulnerabilities. |
|
VCID-4g7u-xmdq-mkdn
Aliases: CVE-2025-14328 |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-4gsx-puz4-a3f1
Aliases: CVE-2025-11708 |
Use-after-free in MediaTrackGraphImpl::GetInstance() |
Affected by 90 other vulnerabilities. |
|
VCID-4kd3-95cm-g3fc
Aliases: CVE-2025-13019 |
Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-4kmx-pfby-hfbn
Aliases: CVE-2024-11159 |
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. |
Affected by 90 other vulnerabilities. |
|
VCID-4q6w-tdk9-d3an
Aliases: CVE-2026-4720 |
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 0 other vulnerabilities. |
|
VCID-4xqc-36jb-63c2
Aliases: CVE-2026-2786 |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-4zjw-4gjw-pqh1
Aliases: CVE-2025-0242 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-59wd-mtjt-4ban
Aliases: CVE-2025-11714 |
Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-5ept-fu7g-8kes
Aliases: CVE-2026-2780 |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-5j6z-g7gt-qyea
Aliases: CVE-2024-11694 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-5kwn-x8e4-ukgq
Aliases: CVE-2025-14333 |
Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-646f-ndeq-5bee
Aliases: CVE-2026-4687 |
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-66z1-8zeg-9qh1
Aliases: CVE-2025-10528 |
Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. |
Affected by 90 other vulnerabilities. |
|
VCID-675n-7uzz-pqdj
Aliases: CVE-2026-4688 |
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-6bbw-b3rx-a7hj
Aliases: CVE-2024-10462 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-6cx1-8t9m-u3av
Aliases: CVE-2026-0886 |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-6fsa-bnes-tkff
Aliases: CVE-2026-2765 |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-6jw1-pere-ruee
Aliases: CVE-2025-11715 |
Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-6mur-mtfg-97gt
Aliases: CVE-2026-4371 |
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. |
Affected by 0 other vulnerabilities. |
|
VCID-6szy-r2cd-9kfw
Aliases: CVE-2024-50336 GHSA-xvg8-m4x3-w6xr |
matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal. Summary: matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the client's homeserver. Details: The Matrix specification demands homeservers to [perform validation](https://spec.matrix.org/v1.12/client-server-api/#security-considerations-5) of the `server-name` and `media-id` components of MXC URIs with the intent to prevent path traversal. However, it is not mentioned that a similar check must also be performed on the client to prevent *client-side* path traversal. matrix-js-sdk fails to perform this validation. Patches: Fixed in matrix-js-sdk 34.11.1. Workarounds: None. References: https://spec.matrix.org/v1.12/client-server-api/#security-considerations-5, https://blog.doyensec.com/2024/07/02/cspt2csrf.html |
Affected by 90 other vulnerabilities. |
|
VCID-77y6-jskt-qucb
Aliases: CVE-2025-59375 |
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. |
Affected by 0 other vulnerabilities. |
|
VCID-7eu3-hxbk-8fd7
Aliases: CVE-2025-1935 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-7q66-66b2-kucc
Aliases: CVE-2025-5266 |
Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. |
Affected by 90 other vulnerabilities. |
|
VCID-7v6j-9uuc-qkc8
Aliases: CVE-2025-4919 |
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. |
Affected by 90 other vulnerabilities. |
|
VCID-7wmw-hpfw-vuaa
Aliases: CVE-2026-2761 |
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-84jf-84jx-3fgj
Aliases: CVE-2025-14323 |
Privilege escalation in the DOM: Notifications component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-8hm6-nz5h-yfcm
Aliases: CVE-2025-4918 |
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. |
Affected by 90 other vulnerabilities. |
|
VCID-8k4z-rq29-mqg5
Aliases: CVE-2024-11697 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-8qyy-e4jt-rbc4
Aliases: CVE-2026-4695 |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-8san-ze3j-dqdx
Aliases: CVE-2025-3030 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-8u4y-zrhv-8fe9
Aliases: CVE-2026-0887 |
Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-8vka-qus2-tbhj
Aliases: CVE-2026-2447 |
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2. |
Affected by 0 other vulnerabilities. |
|
VCID-8xek-k5y2-6bfp
Aliases: CVE-2026-4689 |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-8zy6-g8kn-hbdc
Aliases: CVE-2026-2775 |
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-93au-w2zh-3yhg
Aliases: CVE-2025-10533 |
Integer overflow in the SVG component. This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. |
Affected by 90 other vulnerabilities. |
|
VCID-95vw-esba-23a2
Aliases: CVE-2025-1937 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-962a-dwqf-3ycg
Aliases: CVE-2025-13016 |
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-98mt-7srw-qfh4
Aliases: CVE-2025-5283 |
A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-9rm3-u7dy-zuhu
Aliases: CVE-2025-9180 |
Same-origin policy bypass in the Graphics: Canvas2D component. |
Affected by 90 other vulnerabilities. |
|
VCID-9zxb-j4ep-n7g9
Aliases: CVE-2026-2791 |
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-a8vw-n16x-duee
Aliases: CVE-2025-5264 |
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. |
Affected by 90 other vulnerabilities. |
|
VCID-a98z-hwzc-wkcj
Aliases: CVE-2026-0882 |
Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-aemu-emvp-hkfh
Aliases: CVE-2024-10460 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-as4y-nhw6-akfx
Aliases: CVE-2025-4087 |
A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. |
Affected by 90 other vulnerabilities. |
|
VCID-azdd-vdn3-kffy
Aliases: CVE-2026-2758 |
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-b3rg-quvp-2uha
Aliases: CVE-2025-4083 |
A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. |
Affected by 90 other vulnerabilities. |
|
VCID-b4bq-q3ga-3ff1
Aliases: CVE-2026-4707 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-b5jm-57h2-2qcs
Aliases: CVE-2026-2764 |
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-b5t3-yqha-xyeq
Aliases: CVE-2025-26696 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-b6sf-z5tm-4uau
Aliases: CVE-2026-4696 |
Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-b8dx-232z-qbbc
Aliases: CVE-2026-2779 |
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-bjny-apx2-8ba1
Aliases: CVE-2024-11695 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-bwk4-hqx8-97dy
Aliases: CVE-2024-10459 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-bzgb-mdsk-yua6
Aliases: CVE-2025-1009 |
An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. |
Affected by 90 other vulnerabilities. |
|
VCID-c6rx-p235-9bdz
Aliases: CVE-2025-10537 |
Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-cpez-x3zd-p7bu
Aliases: CVE-2026-2785 |
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-cypj-1jsu-cbh5
Aliases: CVE-2025-1016 |
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-db28-rbyf-1qf4
Aliases: CVE-2025-14329 |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-dcjm-7xcr-ayew
Aliases: CVE-2025-5268 |
Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-ddwf-z514-hbbj
Aliases: CVE-2025-10536 |
Information disclosure in the Networking: Cache component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. |
Affected by 90 other vulnerabilities. |
|
VCID-deth-9krh-kufj
Aliases: CVE-2026-0890 |
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-dgwm-n1zx-qkbq
Aliases: CVE-2025-13012 |
Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-dh5k-q87q-4qfs
Aliases: CVE-2024-11696 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-dp5j-4mzw-pqer
Aliases: CVE-2025-4093 |
Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-ds2y-kn7q-vuct
Aliases: CVE-2024-10464 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-dxwp-5jfs-nuew
Aliases: CVE-2026-2778 |
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-e2k8-m9sm-8uek
Aliases: CVE-2026-4699 |
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-e7jk-vs8y-fyhr
Aliases: CVE-2025-13020 |
Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-f1zm-g4es-vfbz
Aliases: CVE-2025-0239 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-f2tn-1hq4-uffa
Aliases: CVE-2025-9179 |
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. |
Affected by 90 other vulnerabilities. |
|
VCID-f5w8-j656-akf4
Aliases: CVE-2025-1017 |
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-ffd7-y29n-6fan
Aliases: CVE-2025-8032 |
XSLT document loading did not correctly propagate the source document which bypassed its CSP. |
Affected by 90 other vulnerabilities. |
|
VCID-ft6u-geds-fua9
Aliases: CVE-2026-4702 |
JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-g3n8-mvdt-cqdj
Aliases: CVE-2025-3029 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-g5yf-hp8r-rkcs
Aliases: CVE-2025-5986 |
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. |
Affected by 90 other vulnerabilities. |
|
VCID-gcnq-avax-aqcv
Aliases: CVE-2026-2776 |
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-gkva-6cu9-7keg
Aliases: CVE-2026-4692 |
Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-gph4-xa9p-73fr
Aliases: CVE-2025-4091 |
Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-grjt-j4at-pqbp
Aliases: CVE-2024-11692 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-h2gc-zk2a-1fg6
Aliases: CVE-2026-0884 |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-h9em-p9se-rucn
Aliases: CVE-2025-14321 |
Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-hccf-ueut-vugw
Aliases: CVE-2025-14322 |
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-hfp7-jaxc-2khq
Aliases: CVE-2025-9181 |
Uninitialized memory in the JavaScript Engine component. |
Affected by 90 other vulnerabilities. |
|
VCID-hfx8-7x82-zqfk
Aliases: CVE-2024-10466 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-hm7h-1na5-7bbx
Aliases: CVE-2025-1015 |
The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. |
Affected by 90 other vulnerabilities. |
|
VCID-hsc9-up4x-nbgs
Aliases: CVE-2026-2762 |
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-hshc-4xnc-gug4
Aliases: CVE-2026-4704 |
Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-hstd-23qm-bqdg
Aliases: CVE-2026-4717 |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-j1hb-8jjy-tqgq
Aliases: CVE-2026-4693 |
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-j5k8-ztxb-uffb
Aliases: CVE-2025-0238 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-j6w1-yhc3-uqfw
Aliases: CVE-2025-6425 |
An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. |
Affected by 90 other vulnerabilities. |
|
VCID-jm7w-hqzq-tqde
Aliases: CVE-2025-8029 |
Thunderbird executed javascript: URLs when used in object and embed tags. |
Affected by 90 other vulnerabilities. |
|
VCID-jybh-8px4-pqau
Aliases: CVE-2026-0885 |
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-jyns-kqp9-4ygh
Aliases: CVE-2025-2830 |
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. |
Affected by 90 other vulnerabilities. |
|
VCID-kdwy-7p45-hbcs
Aliases: CVE-2025-13015 |
Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-kk2m-2mxz-sbex
Aliases: CVE-2025-14327 |
Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146, Thunderbird < 146, Firefox ESR < 140.7, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-kkgh-a9hg-fud8
Aliases: CVE-2025-11710 |
A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. |
Affected by 90 other vulnerabilities. |
|
VCID-kuwd-6tcg-fuha
Aliases: CVE-2026-4713 |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-m3mp-su9k-sfhs
Aliases: CVE-2026-2763 |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-m6uv-91wz-xfdv
Aliases: CVE-2026-4700 |
Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-m93r-91y4-xyaz
Aliases: CVE-2025-1010 |
An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. |
Affected by 90 other vulnerabilities. |
|
VCID-menq-g5ce-1yd8
Aliases: CVE-2026-2793 |
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 39 other vulnerabilities. |
|
VCID-mm6w-kpe8-4kg3
Aliases: CVE-2026-4684 |
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-mn6j-2wd1-ukfb
Aliases: CVE-2026-2774 |
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-mrb2-hz9y-4ufp
Aliases: CVE-2025-6430 |
When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a <embed> or <object> tag, potentially making a website vulnerable to a cross-site scripting attack. |
Affected by 90 other vulnerabilities. |
|
VCID-ms9h-982a-pkdu
Aliases: CVE-2025-1014 |
Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. |
Affected by 90 other vulnerabilities. |
|
VCID-mw96-qtnz-gqdx
Aliases: CVE-2024-10465 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-n2hq-1ck4-ayhp
Aliases: CVE-2025-5263 |
Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. |
Affected by 90 other vulnerabilities. |
|
VCID-n3rs-11fq-wqc4
Aliases: CVE-2025-3875 |
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. |
Affected by 90 other vulnerabilities. |
|
VCID-n4hu-b1t6-xkay
Aliases: CVE-2024-10458 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-n9jq-77ud-v7c9
Aliases: CVE-2025-3523 |
When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. |
Affected by 90 other vulnerabilities. |
|
VCID-ndd4-kd1y-z7ep
Aliases: CVE-2026-0878 |
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-nhsr-4zux-2bck
Aliases: CVE-2026-2769 |
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-nkpq-9gd6-nuc4
Aliases: CVE-2026-0891 |
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 39 other vulnerabilities. |
|
VCID-ntqr-ptmu-yuen
Aliases: CVE-2026-2767 |
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-nvsz-9s3r-nbhq
Aliases: CVE-2026-4718 |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-p9zh-7wyj-hffm
Aliases: CVE-2026-2771 |
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-pcgf-xtfq-6ugb
Aliases: CVE-2025-14330 |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-pcrz-f3nj-kybr
Aliases: CVE-2025-1938 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-pemg-ndu8-wbbc
Aliases: CVE-2026-0879 |
Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-pj4h-ff45-e3ez
Aliases: CVE-2025-1013 |
A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. |
Affected by 90 other vulnerabilities. |
|
VCID-pneu-6c1f-zkfa
Aliases: CVE-2025-3909 |
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML. |
Affected by 90 other vulnerabilities. |
|
VCID-psc3-4ssv-wyb5
Aliases: CVE-2025-8027 |
On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. |
Affected by 90 other vulnerabilities. |
|
VCID-q1pv-avug-juef
Aliases: CVE-2026-2777 |
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-q9f4-zumy-wbfy
Aliases: CVE-2025-8034 |
Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-qcxw-ds31-3ubd
Aliases: CVE-2026-0818 |
When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If the user had additionally allowed loading of the remote content referenced by the outer email message, and the email was crafted by the sender using a combination of CSS rules and fonts and animations, then it was possible to extract the secret contents of the email. |
Affected by 39 other vulnerabilities. |
|
VCID-qeh2-jn2v-9ug7
Aliases: CVE-2025-11709 |
A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. |
Affected by 90 other vulnerabilities. |
|
VCID-qgvy-hzsx-hkge
Aliases: CVE-2025-13014 |
Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-qkks-24cp-gqg2
Aliases: CVE-2026-4706 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-qm8f-f8nr-qba9
Aliases: CVE-2026-0880 |
Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-qta2-8rnt-k7d1
Aliases: CVE-2026-2788 |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-qtcm-9z3v-dydn
Aliases: CVE-2025-0241 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-qw3q-xg7s-wbd7
Aliases: CVE-2025-26695 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-qz95-5z9e-7qb7
Aliases: CVE-2025-8033 |
The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. |
Affected by 90 other vulnerabilities. |
|
VCID-r29z-4m4j-8kft
Aliases: CVE-2025-6424 |
A use-after-free in FontFaceSet resulted in a potentially exploitable crash. |
Affected by 90 other vulnerabilities. |
|
VCID-r7ss-g876-c7fg
Aliases: CVE-2025-0237 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-r7vt-w149-9bfn
Aliases: CVE-2026-2773 |
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-rcg4-7hjg-v7du
Aliases: CVE-2024-10463 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-rfve-tkv7-13dv
Aliases: CVE-2025-3522 |
Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. |
Affected by 90 other vulnerabilities. |
|
VCID-rg63-avu7-2bdc
Aliases: CVE-2025-10527 |
Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. |
Affected by 90 other vulnerabilities. |
|
VCID-rkj9-dd18-xka9
Aliases: CVE-2025-5267 |
A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. |
Affected by 90 other vulnerabilities. |
|
VCID-rp5h-ym8y-skbw
Aliases: CVE-2026-4701 |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-ruc1-kmaz-fkbb
Aliases: CVE-2025-10532 |
Incorrect boundary conditions in the JavaScript: GC component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3. |
Affected by 90 other vulnerabilities. |
|
VCID-s89g-7f5f-5qd2
Aliases: CVE-2025-6429 |
Thunderbird could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. |
Affected by 90 other vulnerabilities. |
|
VCID-sg2y-gfue-6qam
Aliases: CVE-2024-10461 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-sgwe-9xfj-6kav
Aliases: CVE-2026-2783 |
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-ss9j-7jd7-nbf1
Aliases: CVE-2026-2770 |
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-svy5-paub-2bhr
Aliases: CVE-2025-0510 |
Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. |
Affected by 90 other vulnerabilities. |
|
VCID-t2c3-smqc-zkba
Aliases: CVE-2026-0877 |
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-t4t3-5pt5-ayds
Aliases: CVE-2026-4685 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-t9cw-yjar-ckfd
Aliases: CVE-2025-11712 |
A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header. |
Affected by 90 other vulnerabilities. |
|
VCID-te1e-sjsk-bfd8
Aliases: CVE-2026-2768 |
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-tgpf-32kg-rqc2
Aliases: CVE-2025-0240 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-tgsj-hp8b-27f9
Aliases: CVE-2025-11711 |
There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. |
Affected by 90 other vulnerabilities. |
|
VCID-tkzd-c11q-3qaf
Aliases: CVE-2025-14331 |
Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-u3j3-fc4f-7ff7
Aliases: CVE-2026-4686 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-ud33-vgxh-8khj
Aliases: CVE-2026-2766 |
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-ukf2-qcjg-u7bg
Aliases: CVE-2025-0243 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-ukut-zyjx-93gq
Aliases: CVE-2025-13013 |
Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-upvn-56py-8ud7
Aliases: CVE-2025-1933 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-uy2g-rmuh-pkbe
Aliases: CVE-2025-3932 |
It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. |
Affected by 90 other vulnerabilities. |
|
VCID-vcnn-u8k9-8ubs
Aliases: CVE-2025-8035 |
Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-vdpy-f9d9-pfac
Aliases: CVE-2024-10467 |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-vszp-vyxy-f7g7
Aliases: CVE-2026-2781 |
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-vz6w-wghm-nqaq
Aliases: CVE-2025-9185 |
Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-w4u8-25rz-gqeq
Aliases: CVE-2026-2782 |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-w6j3-6a6j-uqf1
Aliases: CVE-2025-1931 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-w7gj-shrq-3fcz
Aliases: CVE-2024-11699 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-wagm-cq36-k7g3
Aliases: CVE-2026-2760 |
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-wmyy-2cg3-wyhc
Aliases: CVE-2026-4697 |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-wqw2-gjvu-6qbu
Aliases: CVE-2026-4690 |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-wvx2-pba2-sqha
Aliases: CVE-2026-4708 |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-wwdh-xmux-3qdq
Aliases: CVE-2026-2759 |
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-wwkc-4c69-cbea
Aliases: CVE-2026-2784 |
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-wz6r-xzm9-m7hp
Aliases: CVE-2025-13017 |
Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. |
Affected by 90 other vulnerabilities. |
|
VCID-xcbn-tkgg-4ben
Aliases: CVE-2026-2772 |
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. |
Affected by 39 other vulnerabilities. |
|
VCID-xghm-4ygw-tkb2
Aliases: CVE-2025-14324 |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. |
Affected by 90 other vulnerabilities. |
|
VCID-y45y-r8h7-6yez
Aliases: CVE-2025-5269 |
Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. |
Affected by 90 other vulnerabilities. |
|
VCID-y7sk-dmau-4fam
Aliases: CVE-2025-1936 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-yfwd-x224-3qe6
Aliases: CVE-2025-8030 |
Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. |
Affected by 90 other vulnerabilities. |
|
VCID-yjc2-2whn-uug5
Aliases: CVE-2026-4694 |
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-ymak-rv52-h7a5
Aliases: CVE-2026-4710 |
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
Affected by 0 other vulnerabilities. |
|
VCID-ymu8-mjph-f7a4
Aliases: CVE-2025-1012 |
A race during concurrent delazification could have led to a use-after-free. |
Affected by 90 other vulnerabilities. |
|
VCID-z8cr-rten-qqg2
Aliases: CVE-2025-1932 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
|
VCID-zdxh-fp2e-47dd
Aliases: CVE-2026-0883 |
Information disclosure in the Networking component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7. |
Affected by 39 other vulnerabilities. |
|
VCID-zefw-etrb-z3fu
Aliases: CVE-2024-43097 |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. |
Affected by 90 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2j6k-5q8j-3fbc | Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. | CVE-2024-9680 |
| VCID-2pvz-3cmq-53dk | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-7519 |
| VCID-3ayf-d2s1-67ff | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-8382 |
| VCID-7wvh-upas-2bgh | An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. | CVE-2024-9394 |
| VCID-957q-jagj-9kg7 | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-7527 |
| VCID-frvc-mqhd-eydh | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-6601 |
| VCID-hetc-sghb-1fcx | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-8384 |
| VCID-jt6f-rpfx-7kbj | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-8383 |
| VCID-ka9e-ps8e-ryc8 | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-9392 |
| VCID-kx3j-abfc-qfh2 | An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. | CVE-2024-9393 |
| VCID-m9h1-aw7r-jqb2 | An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. | CVE-2024-7652 |
| VCID-s556-eg79-77gu | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-7522 |
| VCID-svqy-5b6h-7yfj | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-6603 |
| VCID-t52p-7rr7-57ax | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-6604 |
| VCID-tegn-2y58-t3de | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-7521 |
| VCID-ux24-3d83-23c6 | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-8381 |
| VCID-w794-gqex-83du | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-6602 |
| VCID-xevc-xbcg-1yct | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-7526 |
| VCID-xyqa-esey-73e1 | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-7525 |
| VCID-z6kw-szww-7feq | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-7529 |
| VCID-z6yt-va55-s3ey | Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. | CVE-2024-9401 |