{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","type":"deb","namespace":"debian","name":"thunderbird","version":"1:140.8.0esr-1~deb12u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:140.8.0esr-1~deb13u1","latest_non_vulnerable_version":"1:140.11.0esr-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27539?format=json","vulnerability_id":"VCID-178t-yzh6-8qe2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2766","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07125","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0713","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07103","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07136","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442294","reference_id":"2442294","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442294"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013583","reference_id":"show_bug.cgi?id=2013583","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2766"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-178t-yzh6-8qe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27552?format=json","vulnerability_id":"VCID-1sr4-f1nt-vfbq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2777","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21061","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21041","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20864","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442312","reference_id":"2442312","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442312"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015305","reference_id":"show_bug.cgi?id=2015305","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015305"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2777"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1sr4-f1nt-vfbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27540?format=json","vulnerability_id":"VCID-1zf5-vvdz-4ba2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2767","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18075","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.181","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17925","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18084","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442328","reference_id":"2442328","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442328"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013741","reference_id":"show_bug.cgi?id=2013741","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013741"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2767"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zf5-vvdz-4ba2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27529?format=json","vulnerability_id":"VCID-3egb-df9u-a3ds","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2761","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34818","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34837","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34812","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34633","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442309","reference_id":"2442309","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442309"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011063","reference_id":"show_bug.cgi?id=2011063","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011063"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2761"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3egb-df9u-a3ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27546?format=json","vulnerability_id":"VCID-3ttb-skym-cyfy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2772","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06097","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06109","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06115","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06095","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442326","reference_id":"2442326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442326"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014827","reference_id":"show_bug.cgi?id=2014827","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2772"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ttb-skym-cyfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27558?format=json","vulnerability_id":"VCID-44qp-d2vx-yybd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2780","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0562","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05628","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05608","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05634","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442334","reference_id":"2442334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442334"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2007829","reference_id":"show_bug.cgi?id=2007829","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2007829"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2780"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44qp-d2vx-yybd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27526?format=json","vulnerability_id":"VCID-4nz5-2hew-4fhe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2760","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24053","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24074","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24066","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23868","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442325","reference_id":"2442325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442325"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011062","reference_id":"show_bug.cgi?id=2011062","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2760"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nz5-2hew-4fhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27535?format=json","vulnerability_id":"VCID-4uav-r3pd-3yg4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2764","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07534","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07543","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07549","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07515","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442329","reference_id":"2442329","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442329"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012608","reference_id":"show_bug.cgi?id=2012608","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2764"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4uav-r3pd-3yg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27542?format=json","vulnerability_id":"VCID-6jk7-9qz4-5ba3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2769","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06262","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06282","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06293","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06273","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442295","reference_id":"2442295","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442295"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014550","reference_id":"show_bug.cgi?id=2014550","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014550"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2769"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6jk7-9qz4-5ba3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27565?format=json","vulnerability_id":"VCID-6ujh-7dtw-27br","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2785","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05788","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05799","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05786","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05808","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442284","reference_id":"2442284","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442284"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013549","reference_id":"show_bug.cgi?id=2013549","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013549"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2785"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ujh-7dtw-27br"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27536?format=json","vulnerability_id":"VCID-72m5-etuc-bqgc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2765","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07125","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0713","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07103","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07136","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442333","reference_id":"2442333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442333"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013562","reference_id":"show_bug.cgi?id=2013562","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013562"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2765"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-72m5-etuc-bqgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27564?format=json","vulnerability_id":"VCID-7aw4-8z6e-u3ga","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2784","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06838","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06851","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0684","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06863","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442304","reference_id":"2442304","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442304"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012984","reference_id":"show_bug.cgi?id=2012984","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012984"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2784"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7aw4-8z6e-u3ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27588?format=json","vulnerability_id":"VCID-97x1-sewv-1ugq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2791","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08457","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08462","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08459","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08418","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442342","reference_id":"2442342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442342"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015220","reference_id":"show_bug.cgi?id=2015220","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015220"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2791"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-97x1-sewv-1ugq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27530?format=json","vulnerability_id":"VCID-9tpz-hpkt-bkh4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2762","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07125","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0713","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07103","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07136","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442308","reference_id":"2442308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442308"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011649","reference_id":"show_bug.cgi?id=2011649","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011649"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2762"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tpz-hpkt-bkh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27548?format=json","vulnerability_id":"VCID-b64z-jkem-4bd9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2773","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08918","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08929","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08881","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08924","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442319","reference_id":"2442319","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442319"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014832","reference_id":"show_bug.cgi?id=2014832","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014832"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2773"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b64z-jkem-4bd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27551?format=json","vulnerability_id":"VCID-bg2s-53pk-nkck","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2776","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08719","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08726","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08721","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08678","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442291","reference_id":"2442291","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442291"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015266","reference_id":"show_bug.cgi?id=2015266","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015266"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2776"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bg2s-53pk-nkck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27576?format=json","vulnerability_id":"VCID-btxh-s339-pkgg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2787","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05911","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05918","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05926","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05902","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442297","reference_id":"2442297","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442297"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014560","reference_id":"show_bug.cgi?id=2014560","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014560"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2787"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-btxh-s339-pkgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27559?format=json","vulnerability_id":"VCID-ca4b-sk7x-zqf1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2781","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18421","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18444","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18423","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18259","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442292","reference_id":"2442292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442292"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009552","reference_id":"show_bug.cgi?id=2009552","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009552"},{"reference_url":"https://usn.ubuntu.com/8071-1/","reference_id":"USN-8071-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8071-1/"},{"reference_url":"https://usn.ubuntu.com/8071-2/","reference_id":"USN-8071-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8071-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2781"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ca4b-sk7x-zqf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27555?format=json","vulnerability_id":"VCID-ckmn-x1qb-h3ae","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2779","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07125","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0713","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07103","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07136","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442327","reference_id":"2442327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442327"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1164141","reference_id":"show_bug.cgi?id=1164141","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1164141"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2779"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ckmn-x1qb-h3ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27590?format=json","vulnerability_id":"VCID-csj1-ekj2-ekhx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2793","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22695","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22714","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22701","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22506","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442287","reference_id":"2442287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442287"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498","reference_id":"buglist.cgi?bug_id=2015196%2C2016423%2C2016498","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2793"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csj1-ekj2-ekhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27553?format=json","vulnerability_id":"VCID-d3ky-uzdf-xqex","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2778","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08719","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08726","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08721","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08678","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442335","reference_id":"2442335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442335"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016358","reference_id":"show_bug.cgi?id=2016358","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016358"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2778"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3ky-uzdf-xqex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27533?format=json","vulnerability_id":"VCID-dma6-t7rf-13c5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2763","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07321","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07323","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0733","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07289","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442316","reference_id":"2442316","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442316"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012018","reference_id":"show_bug.cgi?id=2012018","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012018"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2763"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dma6-t7rf-13c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27580?format=json","vulnerability_id":"VCID-e84z-cry3-ukff","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2788","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07321","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07323","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0733","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07289","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442302","reference_id":"2442302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442302"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014824","reference_id":"show_bug.cgi?id=2014824","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014824"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2788"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e84z-cry3-ukff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27586?format=json","vulnerability_id":"VCID-e8jm-ht3p-yfeb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2790","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07594","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07603","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07572","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07607","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442313","reference_id":"2442313","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442313"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2008426","reference_id":"show_bug.cgi?id=2008426","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2008426"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2790"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8jm-ht3p-yfeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27541?format=json","vulnerability_id":"VCID-efhw-pnsx-qydj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2768","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27681","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27695","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27468","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27671","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2768"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442298","reference_id":"2442298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442298"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014101","reference_id":"show_bug.cgi?id=2014101","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014101"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2768"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efhw-pnsx-qydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27523?format=json","vulnerability_id":"VCID-h9j2-r252-zbbw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2758","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21513","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21539","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21525","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21341","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442337","reference_id":"2442337","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442337"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009608","reference_id":"show_bug.cgi?id=2009608","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2758"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h9j2-r252-zbbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27522?format=json","vulnerability_id":"VCID-jpnu-ufhr-eycb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2757","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21513","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21539","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21525","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21341","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442324","reference_id":"2442324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442324"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2001637","reference_id":"show_bug.cgi?id=2001637","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2001637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2757"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpnu-ufhr-eycb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27549?format=json","vulnerability_id":"VCID-k84t-93dk-sqfj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2774","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0731","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07309","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07276","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07317","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442290","reference_id":"2442290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442290"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014883","reference_id":"show_bug.cgi?id=2014883","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014883"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2774"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k84t-93dk-sqfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27589?format=json","vulnerability_id":"VCID-n8h6-1pvq-dkbd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2792","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22365","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22387","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22182","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22373","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442318","reference_id":"2442318","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442318"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331","reference_id":"buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2792"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8h6-1pvq-dkbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27524?format=json","vulnerability_id":"VCID-pu6a-5xe5-duer","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2759","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21513","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21539","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21525","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21341","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442307","reference_id":"2442307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442307"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010933","reference_id":"show_bug.cgi?id=2010933","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010933"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2759"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pu6a-5xe5-duer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27574?format=json","vulnerability_id":"VCID-qghn-cbbt-93b1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2786","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05808","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05788","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05799","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05786","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442320","reference_id":"2442320","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442320"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013612","reference_id":"show_bug.cgi?id=2013612","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013612"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2786"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qghn-cbbt-93b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27584?format=json","vulnerability_id":"VCID-sbbm-w1j8-ekh7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2789","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05911","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05918","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05926","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05902","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442322","reference_id":"2442322","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442322"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015179","reference_id":"show_bug.cgi?id=2015179","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015179"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2789"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbbm-w1j8-ekh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27560?format=json","vulnerability_id":"VCID-sp7x-pbdw-efb5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2782","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.1885","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18874","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18693","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18855","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442331","reference_id":"2442331","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442331"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010743","reference_id":"show_bug.cgi?id=2010743","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010743"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2782"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sp7x-pbdw-efb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27544?format=json","vulnerability_id":"VCID-vjvu-eqvg-vfdt","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2770","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04987","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04998","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05012","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05009","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442343","reference_id":"2442343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442343"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014585","reference_id":"show_bug.cgi?id=2014585","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2770"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjvu-eqvg-vfdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27545?format=json","vulnerability_id":"VCID-wvp2-eg76-k7bj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2771","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08918","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08929","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08924","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08881","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442288","reference_id":"2442288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442288"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014593","reference_id":"show_bug.cgi?id=2014593","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2771"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvp2-eg76-k7bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27550?format=json","vulnerability_id":"VCID-x88w-8mgh-mbg7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2775","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08645","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0865","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08647","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08606","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442314","reference_id":"2442314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442314"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015199","reference_id":"show_bug.cgi?id=2015199","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015199"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2775"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x88w-8mgh-mbg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27562?format=json","vulnerability_id":"VCID-yrqg-1k5g-p3b1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2783","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14753","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14663","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14782","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14784","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442300","reference_id":"2442300","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442300"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010943","reference_id":"show_bug.cgi?id=2010943","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010943"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105328?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105569?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105568?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105570?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105567?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105326?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105330?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105329?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2783"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yrqg-1k5g-p3b1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb12u1%3Fdistro=trixie"}