{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","type":"deb","namespace":"debian","name":"thunderbird","version":"1:140.7.0esr-1~deb12u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:140.7.0esr-1~deb13u1","latest_non_vulnerable_version":"1:140.11.0esr-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26595?format=json","vulnerability_id":"VCID-2bh9-mtaj-5qcs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0879","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07565","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0879"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428973","reference_id":"2428973","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428973"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004602","reference_id":"show_bug.cgi?id=2004602","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004602"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0879"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2bh9-mtaj-5qcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26600?format=json","vulnerability_id":"VCID-5zn8-8npq-yybh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0884","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07426","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0884"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428967","reference_id":"2428967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428967"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003588","reference_id":"show_bug.cgi?id=2003588","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003588"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0884"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zn8-8npq-yybh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26594?format=json","vulnerability_id":"VCID-681s-ne3z-juc1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0878","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05599","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0878"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428965","reference_id":"2428965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428965"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003989","reference_id":"show_bug.cgi?id=2003989","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003989"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0878"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-681s-ne3z-juc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26596?format=json","vulnerability_id":"VCID-6yqb-dkbz-63d9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0880","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.04073","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0880"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428975","reference_id":"2428975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428975"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005014","reference_id":"show_bug.cgi?id=2005014","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005014"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0880"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6yqb-dkbz-63d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26593?format=json","vulnerability_id":"VCID-74f2-17xb-u7fv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0877","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04147","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428969","reference_id":"2428969","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428969"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1999257","reference_id":"show_bug.cgi?id=1999257","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1999257"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0877"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-74f2-17xb-u7fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26603?format=json","vulnerability_id":"VCID-7cau-br4j-q7g1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0887","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0124","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0887"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428972","reference_id":"2428972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428972"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2006500","reference_id":"show_bug.cgi?id=2006500","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2006500"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0887"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7cau-br4j-q7g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22606?format=json","vulnerability_id":"VCID-7npb-n2u3-y7de","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14327","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04394","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420507","reference_id":"2420507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420507"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970743","reference_id":"show_bug.cgi?id=1970743","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970743"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-14327"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7npb-n2u3-y7de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26606?format=json","vulnerability_id":"VCID-gqwf-ccxj-k3ha","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0890","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02391","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428971","reference_id":"2428971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428971"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005081","reference_id":"show_bug.cgi?id=2005081","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005081"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0890"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqwf-ccxj-k3ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26602?format=json","vulnerability_id":"VCID-hhzs-n4qd-bbar","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0886","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03448","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0886"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428978","reference_id":"2428978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428978"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005658","reference_id":"show_bug.cgi?id=2005658","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005658"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0886"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhzs-n4qd-bbar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26598?format=json","vulnerability_id":"VCID-hykc-wzp9-m3bz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0882","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.04073","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428966","reference_id":"2428966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428966"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924125","reference_id":"show_bug.cgi?id=1924125","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924125"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0882"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hykc-wzp9-m3bz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26599?format=json","vulnerability_id":"VCID-k868-ej6h-27hx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0883","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02082","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428968","reference_id":"2428968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428968"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989340","reference_id":"show_bug.cgi?id=1989340","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989340"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0883"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k868-ej6h-27hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26601?format=json","vulnerability_id":"VCID-kuha-yt8d-d3hd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0885","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05904","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428961","reference_id":"2428961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428961"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003607","reference_id":"show_bug.cgi?id=2003607","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003607"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0885"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kuha-yt8d-d3hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26607?format=json","vulnerability_id":"VCID-pmwj-duaq-fqf9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0891","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04907","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428963","reference_id":"2428963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428963"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278","reference_id":"buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105535?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105534?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105537?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105536?format=json","purl":"pkg:deb/debian/thunderbird@1:140.7.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-0891"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmwj-duaq-fqf9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.7.0esr-1~deb12u1%3Fdistro=trixie"}