{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","type":"deb","namespace":"debian","name":"firefox-esr","version":"140.10.2esr-1~deb12u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"140.11.0esr-1~deb12u1","latest_non_vulnerable_version":"140.11.0esr-1~deb12u1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/367?format=json","vulnerability_id":"VCID-11ng-ds1t-ybdy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8946.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8946.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8946","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15758","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15708","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15748","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8946"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479849","reference_id":"2479849","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479849"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029070","reference_id":"show_bug.cgi?id=2029070","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029070"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8946"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11ng-ds1t-ybdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/371?format=json","vulnerability_id":"VCID-1sgn-41vs-efcy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8401.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8401","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24553","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24488","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24543","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476492","reference_id":"2476492","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476492"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-45/","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038679","reference_id":"show_bug.cgi?id=2038679","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038679"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8401"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1sgn-41vs-efcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/385?format=json","vulnerability_id":"VCID-5fc5-xu9y-ekca","summary":"Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8974.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8974.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8974","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14331","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14366","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14368","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8974"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479855","reference_id":"2479855","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479855"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8974"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fc5-xu9y-ekca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/373?format=json","vulnerability_id":"VCID-5h7s-sfrz-eye3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8950.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8950","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05099","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05077","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05084","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8950"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479853","reference_id":"2479853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479853"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1965430","reference_id":"show_bug.cgi?id=1965430","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1965430"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8950"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5h7s-sfrz-eye3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/375?format=json","vulnerability_id":"VCID-e6ek-fjxf-subv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8954.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8954","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14044","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14079","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14081","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8954"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479847","reference_id":"2479847","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479847"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030747","reference_id":"show_bug.cgi?id=2030747","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030747"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8954"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6ek-fjxf-subv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/379?format=json","vulnerability_id":"VCID-fbuu-t3mf-cfeg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8958.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8958.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8958","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18363","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18329","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18366","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8958"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479848","reference_id":"2479848","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479848"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034713","reference_id":"show_bug.cgi?id=2034713","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034713"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8958"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fbuu-t3mf-cfeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/369?format=json","vulnerability_id":"VCID-fhmv-bse8-abaw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8947.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8947","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20297","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20259","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20308","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479873","reference_id":"2479873","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479873"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038439","reference_id":"show_bug.cgi?id=2038439","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038439"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8947"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhmv-bse8-abaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/376?format=json","vulnerability_id":"VCID-g339-cuzq-ffh1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8955.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8955.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8955","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13875","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13908","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13912","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8955"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479842","reference_id":"2479842","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479842"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2031064","reference_id":"show_bug.cgi?id=2031064","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2031064"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8955"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g339-cuzq-ffh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1090?format=json","vulnerability_id":"VCID-ghpk-c1e6-pkae","summary":"Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"0.04976","scoring_system":"epss","scoring_elements":"0.89879","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04976","scoring_system":"epss","scoring_elements":"0.89877","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04976","scoring_system":"epss","scoring_elements":"0.89878","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191"},{"reference_url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"},{"reference_url":"https://crbug.com/1486441","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://crbug.com/1486441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/12"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/16","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/16"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/pull/40022","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40022"},{"reference_url":"https://github.com/electron/electron/pull/40023","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40023"},{"reference_url":"https://github.com/electron/electron/pull/40024","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40024"},{"reference_url":"https://github.com/electron/electron/pull/40025","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40025"},{"reference_url":"https://github.com/electron/electron/pull/40026","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40026"},{"reference_url":"https://github.com/electron/electron/releases/tag/v22.3.25","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v22.3.25"},{"reference_url":"https://github.com/electron/electron/releases/tag/v24.8.5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v24.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v25.8.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v25.8.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v26.2.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v26.2.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8"},{"reference_url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"},{"reference_url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"},{"reference_url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1"},{"reference_url":"https://github.com/webmproject/libvpx/tags","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/tags"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"},{"reference_url":"https://pastebin.com/TdkC4pDv","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://pastebin.com/TdkC4pDv"},{"reference_url":"https://security.gentoo.org/glsa/202310-04","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202310-04"},{"reference_url":"https://security.gentoo.org/glsa/202401-34","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202401-34"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"},{"reference_url":"https://support.apple.com/kb/HT213961","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213961"},{"reference_url":"https://support.apple.com/kb/HT213972","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213972"},{"reference_url":"https://twitter.com/maddiestone/status/1707163313711497266","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://twitter.com/maddiestone/status/1707163313711497266"},{"reference_url":"https://www.debian.org/security/2023/dsa-5508","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5508"},{"reference_url":"https://www.debian.org/security/2023/dsa-5509","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5509"},{"reference_url":"https://www.debian.org/security/2023/dsa-5510","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5510"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/12"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/14","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/02/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/02/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/03/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/03/11"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182","reference_id":"1053182","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/","reference_id":"AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-5217"},{"reference_url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g","reference_id":"GHSA-qqvq-6xgj-jw8g","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44","reference_id":"mfsa2023-44","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"critical","scoring_system":"generic_textual","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5426","reference_id":"RHSA-2023:5426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5427","reference_id":"RHSA-2023:5427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5428","reference_id":"RHSA-2023:5428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5429","reference_id":"RHSA-2023:5429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5430","reference_id":"RHSA-2023:5430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5432","reference_id":"RHSA-2023:5432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5433","reference_id":"RHSA-2023:5433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5434","reference_id":"RHSA-2023:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5435","reference_id":"RHSA-2023:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5436","reference_id":"RHSA-2023:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5437","reference_id":"RHSA-2023:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5438","reference_id":"RHSA-2023:5438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5439","reference_id":"RHSA-2023:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5440","reference_id":"RHSA-2023:5440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5475","reference_id":"RHSA-2023:5475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5477","reference_id":"RHSA-2023:5477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5534","reference_id":"RHSA-2023:5534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5535","reference_id":"RHSA-2023:5535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5536","reference_id":"RHSA-2023:5536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5537","reference_id":"RHSA-2023:5537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5538","reference_id":"RHSA-2023:5538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5539","reference_id":"RHSA-2023:5539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5540","reference_id":"RHSA-2023:5540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5540"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","reference_id":"TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"},{"reference_url":"https://usn.ubuntu.com/6403-1/","reference_id":"USN-6403-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-1/"},{"reference_url":"https://usn.ubuntu.com/6403-2/","reference_id":"USN-6403-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-2/"},{"reference_url":"https://usn.ubuntu.com/6403-3/","reference_id":"USN-6403-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-3/"},{"reference_url":"https://usn.ubuntu.com/6404-1/","reference_id":"USN-6404-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6404-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"},{"reference_url":"https://usn.ubuntu.com/7172-1/","reference_id":"USN-7172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2023-5217","GHSA-qqvq-6xgj-jw8g"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ghpk-c1e6-pkae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/368?format=json","vulnerability_id":"VCID-hjh5-utas-ekb9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8388.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8388","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13575","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13534","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1357","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8388"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476469","reference_id":"2476469","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476469"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-45/","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2036978","reference_id":"show_bug.cgi?id=2036978","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2036978"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8388"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjh5-utas-ekb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/377?format=json","vulnerability_id":"VCID-rne7-tu7d-v7e9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8956.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8956.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8956","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.2006","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20099","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20105","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8956"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479839","reference_id":"2479839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479839"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032427","reference_id":"show_bug.cgi?id=2032427","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032427"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8956"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rne7-tu7d-v7e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/384?format=json","vulnerability_id":"VCID-tqws-w9ga-gqew","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8970.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8970.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8970","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13875","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13908","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13912","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8970"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479852","reference_id":"2479852","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479852"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032174","reference_id":"show_bug.cgi?id=2032174","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032174"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8970"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqws-w9ga-gqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/386?format=json","vulnerability_id":"VCID-tuxm-fxt8-vbee","summary":"Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8975.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8975","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14692","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14686","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479840","reference_id":"2479840","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479840"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669","reference_id":"buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8975"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tuxm-fxt8-vbee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/374?format=json","vulnerability_id":"VCID-tzqv-xgdb-efa1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8953.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8953.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8953","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14692","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14686","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8953"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479860","reference_id":"2479860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479860"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029511","reference_id":"show_bug.cgi?id=2029511","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029511"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8953"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzqv-xgdb-efa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/378?format=json","vulnerability_id":"VCID-uncq-bg36-3yfe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8957.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8957.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8957","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13875","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13908","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13912","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8957"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479880","reference_id":"2479880","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479880"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2033850","reference_id":"show_bug.cgi?id=2033850","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2033850"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8957"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uncq-bg36-3yfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/382?format=json","vulnerability_id":"VCID-vseb-hh7u-1fc5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8962.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8962.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8962","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15168","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15211","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15221","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8962"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479876","reference_id":"2479876","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479876"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004804","reference_id":"show_bug.cgi?id=2004804","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004804"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8962"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vseb-hh7u-1fc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/370?format=json","vulnerability_id":"VCID-w8ts-g59t-z3d7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8391.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8391","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28818","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28783","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28853","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8391"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476475","reference_id":"2476475","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476475"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-45/","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038575","reference_id":"show_bug.cgi?id=2038575","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8391"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w8ts-g59t-z3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/381?format=json","vulnerability_id":"VCID-z1zg-s87s-fkdu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8961.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8961.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8961","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1059","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10574","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10613","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8961"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479871","reference_id":"2479871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479871"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1962625","reference_id":"show_bug.cgi?id=1962625","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1962625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8961"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z1zg-s87s-fkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/383?format=json","vulnerability_id":"VCID-z8mw-3stk-vbdg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8968.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8968","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19523","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19475","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19518","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479846","reference_id":"2479846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479846"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030467","reference_id":"show_bug.cgi?id=2030467","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8968"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8mw-3stk-vbdg"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/352?format=json","vulnerability_id":"VCID-1a91-6a49-mkcr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2782","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18673","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18713","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18711","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442331","reference_id":"2442331","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442331"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010743","reference_id":"show_bug.cgi?id=2010743","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010743"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2782"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1a91-6a49-mkcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/771?format=json","vulnerability_id":"VCID-1abm-abmd-fqe9","summary":"The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8033.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8033.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8033","reference_id":"","reference_type":"","scores":[{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66716","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66709","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66724","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8033"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8033","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8033"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382717","reference_id":"2382717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382717"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-57/","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1973990","reference_id":"show_bug.cgi?id=1973990","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1973990"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8033"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1abm-abmd-fqe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/698?format=json","vulnerability_id":"VCID-1e6u-mg34-z7dt","summary":"An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1010.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1010","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5727","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57282","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57274","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1010"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343750","reference_id":"2343750","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343750"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-08/","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-08/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936982","reference_id":"show_bug.cgi?id=1936982","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936982"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1010"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1e6u-mg34-z7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/712?format=json","vulnerability_id":"VCID-1gu2-rmpc-kbcy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10533.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10533","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33232","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33269","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33255","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395766","reference_id":"2395766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395766"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-73/","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-73/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-74","reference_id":"mfsa2025-74","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-74"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-74/","reference_id":"mfsa2025-74","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-74/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-75/","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-75/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-77/","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-77/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-78/","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-78/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16108","reference_id":"RHSA-2025:16108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16109","reference_id":"RHSA-2025:16109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16156","reference_id":"RHSA-2025:16156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16157","reference_id":"RHSA-2025:16157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16260","reference_id":"RHSA-2025:16260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16589","reference_id":"RHSA-2025:16589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17340","reference_id":"RHSA-2025:17340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17341","reference_id":"RHSA-2025:17341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17342","reference_id":"RHSA-2025:17342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17343","reference_id":"RHSA-2025:17343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17344","reference_id":"RHSA-2025:17344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17345","reference_id":"RHSA-2025:17345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17346","reference_id":"RHSA-2025:17346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17367","reference_id":"RHSA-2025:17367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17368","reference_id":"RHSA-2025:17368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17371","reference_id":"RHSA-2025:17371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17372","reference_id":"RHSA-2025:17372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17373","reference_id":"RHSA-2025:17373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17374","reference_id":"RHSA-2025:17374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17378","reference_id":"RHSA-2025:17378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17453","reference_id":"RHSA-2025:17453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17453"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1980788","reference_id":"show_bug.cgi?id=1980788","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1980788"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-10533"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gu2-rmpc-kbcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/800?format=json","vulnerability_id":"VCID-1hp8-m7d3-rqeu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14331.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14331.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14331","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11481","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11444","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11484","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14331"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420512","reference_id":"2420512","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420512"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-93/","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-93/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2000218","reference_id":"show_bug.cgi?id=2000218","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2000218"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14331"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hp8-m7d3-rqeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/292?format=json","vulnerability_id":"VCID-1hzr-cs91-m3be","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4695","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06466","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06477","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06484","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450715","reference_id":"2450715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450715"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020030","reference_id":"show_bug.cgi?id=2020030","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020030"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4695"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hzr-cs91-m3be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/749?format=json","vulnerability_id":"VCID-1pzp-mm6e-kbdc","summary":"Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5268","reference_id":"","reference_type":"","scores":[{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63364","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63375","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63367","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5268"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368752","reference_id":"2368752","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368752"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634","reference_id":"buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-42/","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-44/","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-44/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-45/","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-46/","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-46/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-5268"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pzp-mm6e-kbdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18?format=json","vulnerability_id":"VCID-1x7x-tfus-rqcj","summary":"An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin.  This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9393.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9393","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37726","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37757","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37753","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9393"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9393","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9393"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315956","reference_id":"2315956","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315956"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918301","reference_id":"show_bug.cgi?id=1918301","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918301"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-9393"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1x7x-tfus-rqcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/410?format=json","vulnerability_id":"VCID-218f-qtyn-zfhq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0887","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04572","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04584","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04597","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0887"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428972","reference_id":"2428972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428972"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2006500","reference_id":"show_bug.cgi?id=2006500","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2006500"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0887"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-218f-qtyn-zfhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/758?format=json","vulnerability_id":"VCID-24uq-dsuk-dffc","summary":"jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1936","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39788","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39814","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39811","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349797","reference_id":"2349797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349797"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940027","reference_id":"show_bug.cgi?id=1940027","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940027"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1936"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24uq-dsuk-dffc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/769?format=json","vulnerability_id":"VCID-2bdg-a23f-xkeg","summary":"The username:password part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8031.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8031","reference_id":"","reference_type":"","scores":[{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63678","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63677","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63685","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8031"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382704","reference_id":"2382704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382704"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1971719","reference_id":"show_bug.cgi?id=1971719","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1971719"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8031"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2bdg-a23f-xkeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357?format=json","vulnerability_id":"VCID-2kfq-f6kt-1qca","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2787","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05876","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05874","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05883","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442297","reference_id":"2442297","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442297"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014560","reference_id":"show_bug.cgi?id=2014560","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014560"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2787"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2kfq-f6kt-1qca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/715?format=json","vulnerability_id":"VCID-2rfk-hgrd-9ug9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10536.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10536","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0927","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09291","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09272","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395764","reference_id":"2395764","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-73/","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-73/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-75/","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-75/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-77/","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-77/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-78/","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-78/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16108","reference_id":"RHSA-2025:16108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16109","reference_id":"RHSA-2025:16109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16156","reference_id":"RHSA-2025:16156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16157","reference_id":"RHSA-2025:16157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16260","reference_id":"RHSA-2025:16260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16589","reference_id":"RHSA-2025:16589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17340","reference_id":"RHSA-2025:17340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17341","reference_id":"RHSA-2025:17341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17342","reference_id":"RHSA-2025:17342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17343","reference_id":"RHSA-2025:17343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17344","reference_id":"RHSA-2025:17344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17345","reference_id":"RHSA-2025:17345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17346","reference_id":"RHSA-2025:17346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17367","reference_id":"RHSA-2025:17367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17368","reference_id":"RHSA-2025:17368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17371","reference_id":"RHSA-2025:17371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17372","reference_id":"RHSA-2025:17372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17373","reference_id":"RHSA-2025:17373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17374","reference_id":"RHSA-2025:17374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17378","reference_id":"RHSA-2025:17378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17453","reference_id":"RHSA-2025:17453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17453"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1981502","reference_id":"show_bug.cgi?id=1981502","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1981502"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-10536"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2rfk-hgrd-9ug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/341?format=json","vulnerability_id":"VCID-2t26-gcvr-q7hb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2771","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08837","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08857","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0884","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442288","reference_id":"2442288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442288"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014593","reference_id":"show_bug.cgi?id=2014593","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2771"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2t26-gcvr-q7hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/293?format=json","vulnerability_id":"VCID-2vuj-4f6e-8kdq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4696","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09255","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09235","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450740","reference_id":"2450740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450740"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020190","reference_id":"show_bug.cgi?id=2020190","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4696"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vuj-4f6e-8kdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109?format=json","vulnerability_id":"VCID-34s2-6xpa-gfcw","summary":"Video frames could have been leaked between origins in some situations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64876","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64887","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64877","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439","reference_id":"2322439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800","reference_id":"show_bug.cgi?id=1920800","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10463"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-34s2-6xpa-gfcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/291?format=json","vulnerability_id":"VCID-39e6-gku3-uyd1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4694","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0677","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06782","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06778","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450747","reference_id":"2450747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450747"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018430","reference_id":"show_bug.cgi?id=2018430","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018430"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4694"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39e6-gku3-uyd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/302?format=json","vulnerability_id":"VCID-3cv5-x8ek-xfb7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4706","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08063","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0805","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450714","reference_id":"2450714","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450714"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015091","reference_id":"show_bug.cgi?id=2015091","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015091"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4706"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3cv5-x8ek-xfb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/778?format=json","vulnerability_id":"VCID-3fcq-bsy8-gbgd","summary":"When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0241","reference_id":"","reference_type":"","scores":[{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27368","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27328","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27418","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336168","reference_id":"2336168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336168"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1933023","reference_id":"show_bug.cgi?id=1933023","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1933023"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-0241"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fcq-bsy8-gbgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78?format=json","vulnerability_id":"VCID-3g2k-au3t-a7c9","summary":"Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11694","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35163","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.352","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35185","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328941","reference_id":"2328941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328941"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-65/","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-65/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-70/","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-70/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924167","reference_id":"show_bug.cgi?id=1924167","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924167"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"},{"reference_url":"https://usn.ubuntu.com/7193-1/","reference_id":"USN-7193-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7193-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-11694"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3g2k-au3t-a7c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/739?format=json","vulnerability_id":"VCID-3h2m-ew2t-kfd9","summary":"Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9185.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9185.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9185","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36157","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36197","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36188","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9185"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389584","reference_id":"2389584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389584"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1970154%2C1976782%2C1977166","reference_id":"buglist.cgi?bug_id=1970154%2C1976782%2C1977166","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1970154%2C1976782%2C1977166"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-64/","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-65","reference_id":"mfsa2025-65","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-65"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-65/","reference_id":"mfsa2025-65","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-65/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-66/","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-66/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-67/","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-70/","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-70/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-71/","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-71/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-72/","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-72/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14416","reference_id":"RHSA-2025:14416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14417","reference_id":"RHSA-2025:14417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14442","reference_id":"RHSA-2025:14442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14640","reference_id":"RHSA-2025:14640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14743","reference_id":"RHSA-2025:14743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14844","reference_id":"RHSA-2025:14844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15418","reference_id":"RHSA-2025:15418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15419","reference_id":"RHSA-2025:15419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15420","reference_id":"RHSA-2025:15420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15421","reference_id":"RHSA-2025:15421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15422","reference_id":"RHSA-2025:15422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15423","reference_id":"RHSA-2025:15423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15424","reference_id":"RHSA-2025:15424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15430","reference_id":"RHSA-2025:15430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15434","reference_id":"RHSA-2025:15434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15435","reference_id":"RHSA-2025:15435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15436","reference_id":"RHSA-2025:15436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15437","reference_id":"RHSA-2025:15437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15438","reference_id":"RHSA-2025:15438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15496","reference_id":"RHSA-2025:15496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15535","reference_id":"RHSA-2025:15535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15535"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-9185"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3h2m-ew2t-kfd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354?format=json","vulnerability_id":"VCID-3kpd-xw2s-pqa7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2784","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06837","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06851","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06847","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442304","reference_id":"2442304","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442304"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012984","reference_id":"show_bug.cgi?id=2012984","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012984"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2784"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3kpd-xw2s-pqa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/301?format=json","vulnerability_id":"VCID-3rep-xv2u-n7he","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4705","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06958","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06972","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06967","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450722","reference_id":"2450722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450722"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014873","reference_id":"show_bug.cgi?id=2014873","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014873"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4705"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3rep-xv2u-n7he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17?format=json","vulnerability_id":"VCID-3rfh-czuk-v3d4","summary":"A compromised content process could have allowed for the arbitrary loading of cross-origin pages.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33156","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33194","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3318","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959","reference_id":"2315959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154","reference_id":"show_bug.cgi?id=1899154","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843","reference_id":"show_bug.cgi?id=1905843","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-9392"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3rfh-czuk-v3d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353?format=json","vulnerability_id":"VCID-3uak-b885-3ub7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2783","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14625","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14667","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14662","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442300","reference_id":"2442300","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442300"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010943","reference_id":"show_bug.cgi?id=2010943","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010943"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2783"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3uak-b885-3ub7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/282?format=json","vulnerability_id":"VCID-3ubw-c5jk-tuhy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4685","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08063","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0805","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450724","reference_id":"2450724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450724"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016349","reference_id":"show_bug.cgi?id=2016349","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016349"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4685"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ubw-c5jk-tuhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/390?format=json","vulnerability_id":"VCID-3wkz-pa84-v3hm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5732","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14579","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14619","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14616","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455908","reference_id":"2455908","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455908"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-25","reference_id":"mfsa2026-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-25/","reference_id":"mfsa2026-25","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-27","reference_id":"mfsa2026-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-27"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-27/","reference_id":"mfsa2026-27","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-27/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-28","reference_id":"mfsa2026-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-28/","reference_id":"mfsa2026-28","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-29","reference_id":"mfsa2026-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-29/","reference_id":"mfsa2026-29","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-29/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11805","reference_id":"RHSA-2026:11805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11813","reference_id":"RHSA-2026:11813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12264","reference_id":"RHSA-2026:12264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13342","reference_id":"RHSA-2026:13342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13412","reference_id":"RHSA-2026:13412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13533","reference_id":"RHSA-2026:13533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13582","reference_id":"RHSA-2026:13582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13583","reference_id":"RHSA-2026:13583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13596","reference_id":"RHSA-2026:13596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13600","reference_id":"RHSA-2026:13600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13665","reference_id":"RHSA-2026:13665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13682","reference_id":"RHSA-2026:13682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13683","reference_id":"RHSA-2026:13683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13922","reference_id":"RHSA-2026:13922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13977","reference_id":"RHSA-2026:13977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14223","reference_id":"RHSA-2026:14223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14303","reference_id":"RHSA-2026:14303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15889","reference_id":"RHSA-2026:15889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7671","reference_id":"RHSA-2026:7671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7672","reference_id":"RHSA-2026:7672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8052","reference_id":"RHSA-2026:8052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8459","reference_id":"RHSA-2026:8459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9345","reference_id":"RHSA-2026:9345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9638","reference_id":"RHSA-2026:9638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9638"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017867","reference_id":"show_bug.cgi?id=2017867","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017867"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-5732"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wkz-pa84-v3hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74?format=json","vulnerability_id":"VCID-4grd-ngdg-aqft","summary":"An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11692","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24163","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24218","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24235","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328946","reference_id":"2328946","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328946"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909535","reference_id":"show_bug.cgi?id=1909535","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909535"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-11692"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4grd-ngdg-aqft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/731?format=json","vulnerability_id":"VCID-4qts-ntde-3bax","summary":"An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9179.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9179","reference_id":"","reference_type":"","scores":[{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43602","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43625","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43615","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9179"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389580","reference_id":"2389580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389580"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-64/","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-65","reference_id":"mfsa2025-65","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-65"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-65/","reference_id":"mfsa2025-65","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-65/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-66/","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-66/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-67/","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-70/","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-70/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-71/","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-71/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-72/","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-72/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14416","reference_id":"RHSA-2025:14416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14417","reference_id":"RHSA-2025:14417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14442","reference_id":"RHSA-2025:14442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14640","reference_id":"RHSA-2025:14640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14743","reference_id":"RHSA-2025:14743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14844","reference_id":"RHSA-2025:14844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15418","reference_id":"RHSA-2025:15418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15419","reference_id":"RHSA-2025:15419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15420","reference_id":"RHSA-2025:15420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15421","reference_id":"RHSA-2025:15421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15422","reference_id":"RHSA-2025:15422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15423","reference_id":"RHSA-2025:15423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15424","reference_id":"RHSA-2025:15424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15430","reference_id":"RHSA-2025:15430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15434","reference_id":"RHSA-2025:15434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15435","reference_id":"RHSA-2025:15435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15436","reference_id":"RHSA-2025:15436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15437","reference_id":"RHSA-2025:15437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15438","reference_id":"RHSA-2025:15438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15496","reference_id":"RHSA-2025:15496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15535","reference_id":"RHSA-2025:15535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15535"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979527","reference_id":"show_bug.cgi?id=1979527","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979527"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-9179"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qts-ntde-3bax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/313?format=json","vulnerability_id":"VCID-4zaq-uh4v-8yg8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4717","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07715","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4717"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450712","reference_id":"2450712","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021695","reference_id":"show_bug.cgi?id=2021695","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021695"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4717"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zaq-uh4v-8yg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/830?format=json","vulnerability_id":"VCID-58j2-kuxh-jqfw","summary":"A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4087.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4087.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4087","reference_id":"","reference_type":"","scores":[{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.54039","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.5921","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.59206","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4087","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4087"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362904","reference_id":"2362904","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362904"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-28/","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-29/","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-31/","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-32/","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4443","reference_id":"RHSA-2025:4443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4458","reference_id":"RHSA-2025:4458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4460","reference_id":"RHSA-2025:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4751","reference_id":"RHSA-2025:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4752","reference_id":"RHSA-2025:4752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4753","reference_id":"RHSA-2025:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4756","reference_id":"RHSA-2025:4756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4797","reference_id":"RHSA-2025:4797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7428","reference_id":"RHSA-2025:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7506","reference_id":"RHSA-2025:7506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7507","reference_id":"RHSA-2025:7507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7543","reference_id":"RHSA-2025:7543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7544","reference_id":"RHSA-2025:7544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7545","reference_id":"RHSA-2025:7545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7547","reference_id":"RHSA-2025:7547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7689","reference_id":"RHSA-2025:7689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7690","reference_id":"RHSA-2025:7690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7691","reference_id":"RHSA-2025:7691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7692","reference_id":"RHSA-2025:7692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7693","reference_id":"RHSA-2025:7693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7694","reference_id":"RHSA-2025:7694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7695","reference_id":"RHSA-2025:7695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7695"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952465","reference_id":"show_bug.cgi?id=1952465","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952465"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-4087"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-58j2-kuxh-jqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/776?format=json","vulnerability_id":"VCID-5dd5-q773-jkbj","summary":"When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0239","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09206","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09187","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0239"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336170","reference_id":"2336170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336170"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929156","reference_id":"show_bug.cgi?id=1929156","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929156"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-0239"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dd5-q773-jkbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/404?format=json","vulnerability_id":"VCID-5md9-c8d5-zkd4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0882","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07945","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0797","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07958","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428966","reference_id":"2428966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924125","reference_id":"show_bug.cgi?id=1924125","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924125"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0882"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5md9-c8d5-zkd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/775?format=json","vulnerability_id":"VCID-5pnd-9999-mfdj","summary":"Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0238","reference_id":"","reference_type":"","scores":[{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36598","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36561","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36589","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336165","reference_id":"2336165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336165"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-03/","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915535","reference_id":"show_bug.cgi?id=1915535","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915535"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-0238"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5pnd-9999-mfdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79?format=json","vulnerability_id":"VCID-5tzy-vsqt-rqf2","summary":"A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11695","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3761","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37641","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37638","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328948","reference_id":"2328948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328948"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1925496","reference_id":"show_bug.cgi?id=1925496","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1925496"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-11695"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tzy-vsqt-rqf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/334?format=json","vulnerability_id":"VCID-5wbs-etf2-uqb6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2764","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07508","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07529","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07522","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442329","reference_id":"2442329","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442329"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012608","reference_id":"show_bug.cgi?id=2012608","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2764"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wbs-etf2-uqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/304?format=json","vulnerability_id":"VCID-653d-arym-nba7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4708","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0661","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06621","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06622","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450735","reference_id":"2450735","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450735"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015268","reference_id":"show_bug.cgi?id=2015268","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015268"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4708"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-653d-arym-nba7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/719?format=json","vulnerability_id":"VCID-658f-y5df-57c4","summary":"Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1014.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1014.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1014","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43823","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43848","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43839","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1014"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343764","reference_id":"2343764","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940804","reference_id":"show_bug.cgi?id=1940804","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940804"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1014"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-658f-y5df-57c4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/281?format=json","vulnerability_id":"VCID-67fn-bpkk-13dc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4684","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03689","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03697","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03694","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450721","reference_id":"2450721","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450721"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011129","reference_id":"show_bug.cgi?id=2011129","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011129"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4684"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67fn-bpkk-13dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/333?format=json","vulnerability_id":"VCID-6a5c-nga1-g3c2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2763","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07277","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07292","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07287","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442316","reference_id":"2442316","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442316"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012018","reference_id":"show_bug.cgi?id=2012018","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2012018"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2763"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6a5c-nga1-g3c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/284?format=json","vulnerability_id":"VCID-6gcb-161r-9yg8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4687","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09073","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09094","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09077","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450757","reference_id":"2450757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450757"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016368","reference_id":"show_bug.cgi?id=2016368","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016368"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4687"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6gcb-161r-9yg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/330?format=json","vulnerability_id":"VCID-6hge-dvzw-37eq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2760","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23895","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23946","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23962","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442325","reference_id":"2442325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442325"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011062","reference_id":"show_bug.cgi?id=2011062","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2760"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hge-dvzw-37eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/356?format=json","vulnerability_id":"VCID-6n96-vek4-x3bu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2786","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05744","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05743","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05757","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442320","reference_id":"2442320","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442320"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013612","reference_id":"show_bug.cgi?id=2013612","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013612"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2786"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6n96-vek4-x3bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/445?format=json","vulnerability_id":"VCID-6ww1-ebeg-gyfh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6762.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6762.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6762","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1525","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1529","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15301","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460076","reference_id":"2460076","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460076"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021080","reference_id":"show_bug.cgi?id=2021080","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021080"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6762"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ww1-ebeg-gyfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/718?format=json","vulnerability_id":"VCID-7321-q5ca-e3g7","summary":"A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1013.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1013","reference_id":"","reference_type":"","scores":[{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48437","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48456","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.4845","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1013"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343754","reference_id":"2343754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343754"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1932555","reference_id":"show_bug.cgi?id=1932555","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1932555"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1013"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7321-q5ca-e3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/706?format=json","vulnerability_id":"VCID-75bf-evmg-fffe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10527.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10527","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24243","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24298","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24316","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395745","reference_id":"2395745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395745"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-73/","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-73/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-75/","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-75/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-77/","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-77/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-78/","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-78/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16108","reference_id":"RHSA-2025:16108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16109","reference_id":"RHSA-2025:16109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16156","reference_id":"RHSA-2025:16156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16157","reference_id":"RHSA-2025:16157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16260","reference_id":"RHSA-2025:16260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16589","reference_id":"RHSA-2025:16589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17340","reference_id":"RHSA-2025:17340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17341","reference_id":"RHSA-2025:17341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17342","reference_id":"RHSA-2025:17342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17343","reference_id":"RHSA-2025:17343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17344","reference_id":"RHSA-2025:17344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17345","reference_id":"RHSA-2025:17345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17346","reference_id":"RHSA-2025:17346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17367","reference_id":"RHSA-2025:17367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17368","reference_id":"RHSA-2025:17368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17371","reference_id":"RHSA-2025:17371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17372","reference_id":"RHSA-2025:17372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17373","reference_id":"RHSA-2025:17373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17374","reference_id":"RHSA-2025:17374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17378","reference_id":"RHSA-2025:17378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17453","reference_id":"RHSA-2025:17453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17453"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1984825","reference_id":"show_bug.cgi?id=1984825","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1984825"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-10527"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75bf-evmg-fffe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/821?format=json","vulnerability_id":"VCID-7da3-waxh-nfa5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13017.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13017","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10582","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10605","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12161","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414092","reference_id":"2414092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414092"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1980904","reference_id":"show_bug.cgi?id=1980904","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1980904"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13017"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7da3-waxh-nfa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/107?format=json","vulnerability_id":"VCID-7hxe-s6yn-s7aa","summary":"In multipart/x-mixed-replace responses, Content-Disposition: attachment in the response header was not respected and did not force a download, which could allow XSS attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461","reference_id":"","reference_type":"","scores":[{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76685","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76696","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7669","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425","reference_id":"2322425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521","reference_id":"show_bug.cgi?id=1914521","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10461"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7hxe-s6yn-s7aa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/452?format=json","vulnerability_id":"VCID-7kqr-c8gh-8yg3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6770.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6770","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.2039","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.2044","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20428","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460079","reference_id":"2460079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460079"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2024220","reference_id":"show_bug.cgi?id=2024220","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2024220"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6770"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7kqr-c8gh-8yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/311?format=json","vulnerability_id":"VCID-7pzj-qkvs-f3d8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4715","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07715","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450723","reference_id":"2450723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450723"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018405","reference_id":"show_bug.cgi?id=2018405","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018405"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4715"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pzj-qkvs-f3d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/711?format=json","vulnerability_id":"VCID-7q2q-cfjc-pbeq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10532.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10532","reference_id":"","reference_type":"","scores":[{"value":"0.001","scoring_system":"epss","scoring_elements":"0.27225","published_at":"2026-06-07T12:55:00Z"},{"value":"0.001","scoring_system":"epss","scoring_elements":"0.27266","published_at":"2026-06-06T12:55:00Z"},{"value":"0.001","scoring_system":"epss","scoring_elements":"0.27318","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395754","reference_id":"2395754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395754"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-73/","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-73/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-75/","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-75/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-77/","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-77/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-78/","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-78/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16108","reference_id":"RHSA-2025:16108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16109","reference_id":"RHSA-2025:16109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16156","reference_id":"RHSA-2025:16156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16157","reference_id":"RHSA-2025:16157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16260","reference_id":"RHSA-2025:16260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16589","reference_id":"RHSA-2025:16589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17340","reference_id":"RHSA-2025:17340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17341","reference_id":"RHSA-2025:17341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17342","reference_id":"RHSA-2025:17342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17343","reference_id":"RHSA-2025:17343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17344","reference_id":"RHSA-2025:17344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17345","reference_id":"RHSA-2025:17345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17346","reference_id":"RHSA-2025:17346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17367","reference_id":"RHSA-2025:17367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17368","reference_id":"RHSA-2025:17368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17371","reference_id":"RHSA-2025:17371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17372","reference_id":"RHSA-2025:17372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17373","reference_id":"RHSA-2025:17373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17374","reference_id":"RHSA-2025:17374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17378","reference_id":"RHSA-2025:17378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17453","reference_id":"RHSA-2025:17453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17453"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979502","reference_id":"show_bug.cgi?id=1979502","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979502"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-10532"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7q2q-cfjc-pbeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/439?format=json","vulnerability_id":"VCID-7qz3-6puh-2kgx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6752.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6752.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6752","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21661","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21718","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21706","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460078","reference_id":"2460078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460078"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027499","reference_id":"show_bug.cgi?id=2027499","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027499"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6752"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7qz3-6puh-2kgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/442?format=json","vulnerability_id":"VCID-7sdq-xgb4-myfv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6757.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6757.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6757","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13998","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14034","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14035","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460085","reference_id":"2460085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460085"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013588","reference_id":"show_bug.cgi?id=2013588","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6757"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7sdq-xgb4-myfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309?format=json","vulnerability_id":"VCID-7uqr-yb2y-rubr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4713","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0661","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06621","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06622","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450730","reference_id":"2450730","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450730"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018113","reference_id":"show_bug.cgi?id=2018113","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018113"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4713"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7uqr-yb2y-rubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/846?format=json","vulnerability_id":"VCID-7vyt-mpzf-wyez","summary":"A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11709.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11709.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11709","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2827","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2832","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403765","reference_id":"2403765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403765"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-82/","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-82/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18154","reference_id":"RHSA-2025:18154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18155","reference_id":"RHSA-2025:18155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18285","reference_id":"RHSA-2025:18285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18320","reference_id":"RHSA-2025:18320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18321","reference_id":"RHSA-2025:18321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18983","reference_id":"RHSA-2025:18983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19278","reference_id":"RHSA-2025:19278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19938","reference_id":"RHSA-2025:19938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19939","reference_id":"RHSA-2025:19939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19941","reference_id":"RHSA-2025:19941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19942","reference_id":"RHSA-2025:19942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19943","reference_id":"RHSA-2025:19943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19944","reference_id":"RHSA-2025:19944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19945","reference_id":"RHSA-2025:19945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21054","reference_id":"RHSA-2025:21054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21055","reference_id":"RHSA-2025:21055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21056","reference_id":"RHSA-2025:21056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21057","reference_id":"RHSA-2025:21057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21058","reference_id":"RHSA-2025:21058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21059","reference_id":"RHSA-2025:21059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21064","reference_id":"RHSA-2025:21064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21064"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989127","reference_id":"show_bug.cgi?id=1989127","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989127"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-11709"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vyt-mpzf-wyez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/704?format=json","vulnerability_id":"VCID-7w68-8btw-6yhm","summary":"Thunderbird could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag.  This could have bypassed website security checks that restricted which domains users were allowed to embed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6429.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6429.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6429","reference_id":"","reference_type":"","scores":[{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62985","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62984","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62994","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6429"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6429","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6429"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374561","reference_id":"2374561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374561"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-51/","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-53/","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-53/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-54/","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-55/","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-55/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10072","reference_id":"RHSA-2025:10072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10073","reference_id":"RHSA-2025:10073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10074","reference_id":"RHSA-2025:10074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10159","reference_id":"RHSA-2025:10159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10160","reference_id":"RHSA-2025:10160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10161","reference_id":"RHSA-2025:10161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10163","reference_id":"RHSA-2025:10163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10164","reference_id":"RHSA-2025:10164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10165","reference_id":"RHSA-2025:10165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10166","reference_id":"RHSA-2025:10166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10181","reference_id":"RHSA-2025:10181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10182","reference_id":"RHSA-2025:10182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10182"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10183","reference_id":"RHSA-2025:10183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10184","reference_id":"RHSA-2025:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10185","reference_id":"RHSA-2025:10185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10186","reference_id":"RHSA-2025:10186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10187","reference_id":"RHSA-2025:10187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10188","reference_id":"RHSA-2025:10188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10195","reference_id":"RHSA-2025:10195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10196","reference_id":"RHSA-2025:10196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10246","reference_id":"RHSA-2025:10246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10246"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970658","reference_id":"show_bug.cgi?id=1970658","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970658"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-6429"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7w68-8btw-6yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/395?format=json","vulnerability_id":"VCID-842n-w9k1-xbg6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7321.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7321.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7321","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15798","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15756","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15808","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7321"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463485","reference_id":"2463485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463485"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-36/","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-39/","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-39/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19153","reference_id":"RHSA-2026:19153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19157","reference_id":"RHSA-2026:19157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19370","reference_id":"RHSA-2026:19370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19588","reference_id":"RHSA-2026:19588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20586","reference_id":"RHSA-2026:20586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21743","reference_id":"RHSA-2026:21743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22324","reference_id":"RHSA-2026:22324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22408","reference_id":"RHSA-2026:22408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22409","reference_id":"RHSA-2026:22409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22410","reference_id":"RHSA-2026:22410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22708","reference_id":"RHSA-2026:22708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22712","reference_id":"RHSA-2026:22712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22847","reference_id":"RHSA-2026:22847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22847"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029461","reference_id":"show_bug.cgi?id=2029461","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029461"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-7321"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-842n-w9k1-xbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/826?format=json","vulnerability_id":"VCID-8er3-ykeh-2yag","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13014.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13014.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13014","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20911","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20925","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23016","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13014"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414080","reference_id":"2414080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414080"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-89/","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-89/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1994241","reference_id":"show_bug.cgi?id=1994241","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1994241"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13014"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8er3-ykeh-2yag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/768?format=json","vulnerability_id":"VCID-8pgy-avxp-sbgk","summary":"Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8030.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8030.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8030","reference_id":"","reference_type":"","scores":[{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51339","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51324","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51345","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8030"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8030"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382710","reference_id":"2382710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1968414","reference_id":"show_bug.cgi?id=1968414","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1968414"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8030"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8pgy-avxp-sbgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/298?format=json","vulnerability_id":"VCID-91d9-jmrd-audv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4701","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07715","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450710","reference_id":"2450710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009303","reference_id":"show_bug.cgi?id=2009303","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4701"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91d9-jmrd-audv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/296?format=json","vulnerability_id":"VCID-9b2b-19kn-h3ga","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4699","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08063","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0805","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450739","reference_id":"2450739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450739"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021863","reference_id":"show_bug.cgi?id=2021863","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021863"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4699"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9b2b-19kn-h3ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/766?format=json","vulnerability_id":"VCID-9nya-5uwj-bbae","summary":"On arm64, a WASM br_table instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8028.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8028.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8028","reference_id":"","reference_type":"","scores":[{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74093","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74084","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74098","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8028"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8028","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8028"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382701","reference_id":"2382701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382701"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-57/","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1971581","reference_id":"show_bug.cgi?id=1971581","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1971581"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8028"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nya-5uwj-bbae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/323?format=json","vulnerability_id":"VCID-9yhq-waqd-fbgb","summary":"Memory safety bugs present in Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7323.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7323.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7323","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0584","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05837","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05846","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7323"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463481","reference_id":"2463481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463481"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2028537%2C2029911%2C2031121%2C2033602","reference_id":"buglist.cgi?bug_id=2028537%2C2029911%2C2031121%2C2033602","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2028537%2C2029911%2C2031121%2C2033602"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-35","reference_id":"mfsa2026-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-35/","reference_id":"mfsa2026-35","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-36/","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-38","reference_id":"mfsa2026-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-38/","reference_id":"mfsa2026-38","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-38/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-39/","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-39/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19153","reference_id":"RHSA-2026:19153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19157","reference_id":"RHSA-2026:19157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19370","reference_id":"RHSA-2026:19370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19588","reference_id":"RHSA-2026:19588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20586","reference_id":"RHSA-2026:20586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21743","reference_id":"RHSA-2026:21743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22324","reference_id":"RHSA-2026:22324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22408","reference_id":"RHSA-2026:22408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22409","reference_id":"RHSA-2026:22409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22410","reference_id":"RHSA-2026:22410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22708","reference_id":"RHSA-2026:22708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22712","reference_id":"RHSA-2026:22712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22847","reference_id":"RHSA-2026:22847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22847"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-7323"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9yhq-waqd-fbgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/437?format=json","vulnerability_id":"VCID-a1ue-4u75-a3hu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6750.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6750","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15541","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1559","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15581","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460102","reference_id":"2460102","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460102"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023407","reference_id":"show_bug.cgi?id=2023407","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6750"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1ue-4u75-a3hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/351?format=json","vulnerability_id":"VCID-a3h3-f7f4-kbgx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2781","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18231","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18269","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18266","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442292","reference_id":"2442292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442292"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009552","reference_id":"show_bug.cgi?id=2009552","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009552"},{"reference_url":"https://usn.ubuntu.com/8071-1/","reference_id":"USN-8071-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8071-1/"},{"reference_url":"https://usn.ubuntu.com/8071-2/","reference_id":"USN-8071-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8071-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2781"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3h3-f7f4-kbgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33?format=json","vulnerability_id":"VCID-a4tr-trur-rfd7","summary":"An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines.\nWe have had reports of this vulnerability being exploited in the wild.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9680","reference_id":"","reference_type":"","scores":[{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96826","published_at":"2026-06-05T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.9683","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989","reference_id":"1084989","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317442","reference_id":"2317442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317442"},{"reference_url":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039","reference_id":"CVE-2024-49039","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-51","reference_id":"mfsa2024-51","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-51/","reference_id":"mfsa2024-51","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-52","reference_id":"mfsa2024-52","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-52"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-52/","reference_id":"mfsa2024-52","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-52/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7958","reference_id":"RHSA-2024:7958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7977","reference_id":"RHSA-2024:7977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8024","reference_id":"RHSA-2024:8024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8025","reference_id":"RHSA-2024:8025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8026","reference_id":"RHSA-2024:8026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8027","reference_id":"RHSA-2024:8027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8028","reference_id":"RHSA-2024:8028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8029","reference_id":"RHSA-2024:8029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8030","reference_id":"RHSA-2024:8030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8031","reference_id":"RHSA-2024:8031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8032","reference_id":"RHSA-2024:8032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8033","reference_id":"RHSA-2024:8033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8034","reference_id":"RHSA-2024:8034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8131","reference_id":"RHSA-2024:8131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8167","reference_id":"RHSA-2024:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8176","reference_id":"RHSA-2024:8176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923344","reference_id":"show_bug.cgi?id=1923344","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923344"},{"reference_url":"https://usn.ubuntu.com/7065-1/","reference_id":"USN-7065-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7065-1/"},{"reference_url":"https://usn.ubuntu.com/7066-1/","reference_id":"USN-7066-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7066-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-9680"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a4tr-trur-rfd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/329?format=json","vulnerability_id":"VCID-a64u-ysv8-8bfw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2759","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21359","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21405","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21419","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442307","reference_id":"2442307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442307"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010933","reference_id":"show_bug.cgi?id=2010933","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2010933"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2759"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a64u-ysv8-8bfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/286?format=json","vulnerability_id":"VCID-afkr-dqwv-sqe7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4689","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09336","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0935","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09331","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450718","reference_id":"2450718","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450718"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016374","reference_id":"show_bug.cgi?id=2016374","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016374"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4689"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afkr-dqwv-sqe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/287?format=json","vulnerability_id":"VCID-ag6a-g7ud-zkga","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4690","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05843","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05841","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0585","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450732","reference_id":"2450732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450732"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016375","reference_id":"show_bug.cgi?id=2016375","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016375"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4690"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ag6a-g7ud-zkga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/697?format=json","vulnerability_id":"VCID-ah8t-8he4-u3fx","summary":"An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1009.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1009.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1009","reference_id":"","reference_type":"","scores":[{"value":"0.00799","scoring_system":"epss","scoring_elements":"0.74415","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00799","scoring_system":"epss","scoring_elements":"0.74428","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00799","scoring_system":"epss","scoring_elements":"0.74423","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1009"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343760","reference_id":"2343760","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343760"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-08/","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-08/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936613","reference_id":"show_bug.cgi?id=1936613","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936613"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1009"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ah8t-8he4-u3fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/288?format=json","vulnerability_id":"VCID-ajuf-pwx9-dyat","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4691","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12126","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12162","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12164","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450738","reference_id":"2450738","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450738"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017512","reference_id":"show_bug.cgi?id=2017512","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017512"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4691"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajuf-pwx9-dyat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/705?format=json","vulnerability_id":"VCID-aq6c-ew84-hbg3","summary":"When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a <embed> or <object> tag, potentially making a website vulnerable to a cross-site scripting attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6430.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6430.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6430","reference_id":"","reference_type":"","scores":[{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.59181","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.59177","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.59185","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6430"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374555","reference_id":"2374555","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374555"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-51/","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-53/","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-53/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-54/","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-55/","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-55/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10072","reference_id":"RHSA-2025:10072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10073","reference_id":"RHSA-2025:10073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10074","reference_id":"RHSA-2025:10074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10159","reference_id":"RHSA-2025:10159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10160","reference_id":"RHSA-2025:10160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10161","reference_id":"RHSA-2025:10161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10163","reference_id":"RHSA-2025:10163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10164","reference_id":"RHSA-2025:10164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10165","reference_id":"RHSA-2025:10165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10166","reference_id":"RHSA-2025:10166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10181","reference_id":"RHSA-2025:10181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10182","reference_id":"RHSA-2025:10182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10182"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10183","reference_id":"RHSA-2025:10183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10184","reference_id":"RHSA-2025:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10185","reference_id":"RHSA-2025:10185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10186","reference_id":"RHSA-2025:10186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10187","reference_id":"RHSA-2025:10187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10188","reference_id":"RHSA-2025:10188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10195","reference_id":"RHSA-2025:10195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10196","reference_id":"RHSA-2025:10196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10246","reference_id":"RHSA-2025:10246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10246"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1971140","reference_id":"show_bug.cgi?id=1971140","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1971140"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-6430"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aq6c-ew84-hbg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/303?format=json","vulnerability_id":"VCID-b71m-y81y-cffg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4707","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05591","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05589","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05604","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4707"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450755","reference_id":"2450755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450755"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015267","reference_id":"show_bug.cgi?id=2015267","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4707"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b71m-y81y-cffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/701?format=json","vulnerability_id":"VCID-ba87-4h5x-qfgj","summary":"A use-after-free in FontFaceSet resulted in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6424.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6424.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6424","reference_id":"","reference_type":"","scores":[{"value":"0.01103","scoring_system":"epss","scoring_elements":"0.78438","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01103","scoring_system":"epss","scoring_elements":"0.78436","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01103","scoring_system":"epss","scoring_elements":"0.78447","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6424"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6424","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6424"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374559","reference_id":"2374559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374559"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-51/","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-52","reference_id":"mfsa2025-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-52"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-52/","reference_id":"mfsa2025-52","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-52/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-53/","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-53/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-54/","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-55/","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-55/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10072","reference_id":"RHSA-2025:10072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10073","reference_id":"RHSA-2025:10073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10074","reference_id":"RHSA-2025:10074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10159","reference_id":"RHSA-2025:10159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10160","reference_id":"RHSA-2025:10160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10161","reference_id":"RHSA-2025:10161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10163","reference_id":"RHSA-2025:10163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10164","reference_id":"RHSA-2025:10164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10165","reference_id":"RHSA-2025:10165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10166","reference_id":"RHSA-2025:10166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10181","reference_id":"RHSA-2025:10181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10182","reference_id":"RHSA-2025:10182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10182"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10183","reference_id":"RHSA-2025:10183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10184","reference_id":"RHSA-2025:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10185","reference_id":"RHSA-2025:10185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10186","reference_id":"RHSA-2025:10186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10187","reference_id":"RHSA-2025:10187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10188","reference_id":"RHSA-2025:10188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10195","reference_id":"RHSA-2025:10195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10196","reference_id":"RHSA-2025:10196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10246","reference_id":"RHSA-2025:10246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10246"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1966423","reference_id":"show_bug.cgi?id=1966423","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1966423"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-6424"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ba87-4h5x-qfgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/793?format=json","vulnerability_id":"VCID-bddb-uxzg-5yau","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14322.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14322.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14322","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12129","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12093","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1213","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14322"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420506","reference_id":"2420506","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420506"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-93/","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-93/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996473","reference_id":"show_bug.cgi?id=1996473","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996473"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14322"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bddb-uxzg-5yau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/300?format=json","vulnerability_id":"VCID-bgy5-ncd5-zfa2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4704","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06466","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06477","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06484","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450756","reference_id":"2450756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450756"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014868","reference_id":"show_bug.cgi?id=2014868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4704"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgy5-ncd5-zfa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/318?format=json","vulnerability_id":"VCID-bshf-uudf-vfa7","summary":"Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4721","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07863","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0789","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07877","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450711","reference_id":"2450711","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450711"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676","reference_id":"buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4721"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bshf-uudf-vfa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/290?format=json","vulnerability_id":"VCID-btqx-pwd3-k7bw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4693","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08063","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0805","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450741","reference_id":"2450741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450741"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018102","reference_id":"show_bug.cgi?id=2018102","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018102"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4693"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-btqx-pwd3-k7bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/844?format=json","vulnerability_id":"VCID-buzz-h9y8-6qbf","summary":"Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4093.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4093.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4093","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4234","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.5898","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58975","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4093"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362915","reference_id":"2362915","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362915"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-29/","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:16:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-32/","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:16:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4443","reference_id":"RHSA-2025:4443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4458","reference_id":"RHSA-2025:4458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4460","reference_id":"RHSA-2025:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4751","reference_id":"RHSA-2025:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4752","reference_id":"RHSA-2025:4752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4753","reference_id":"RHSA-2025:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4756","reference_id":"RHSA-2025:4756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4797","reference_id":"RHSA-2025:4797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7428","reference_id":"RHSA-2025:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7506","reference_id":"RHSA-2025:7506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7507","reference_id":"RHSA-2025:7507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7543","reference_id":"RHSA-2025:7543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7544","reference_id":"RHSA-2025:7544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7545","reference_id":"RHSA-2025:7545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7547","reference_id":"RHSA-2025:7547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7689","reference_id":"RHSA-2025:7689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7690","reference_id":"RHSA-2025:7690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7691","reference_id":"RHSA-2025:7691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7692","reference_id":"RHSA-2025:7692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7693","reference_id":"RHSA-2025:7693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7694","reference_id":"RHSA-2025:7694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7695","reference_id":"RHSA-2025:7695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7695"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1894100","reference_id":"show_bug.cgi?id=1894100","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:16:24Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1894100"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-4093"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-buzz-h9y8-6qbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360?format=json","vulnerability_id":"VCID-bv8f-vus1-53g3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2790","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07565","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07587","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07578","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442313","reference_id":"2442313","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442313"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2008426","reference_id":"show_bug.cgi?id=2008426","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2008426"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2790"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8f-vus1-53g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/447?format=json","vulnerability_id":"VCID-byuc-7bjd-sqbt","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6764.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6764","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19873","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19921","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19915","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460106","reference_id":"2460106","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460106"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022162","reference_id":"show_bug.cgi?id=2022162","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022162"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6764"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-byuc-7bjd-sqbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/743?format=json","vulnerability_id":"VCID-c25m-7d3t-4qdc","summary":"Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5264","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32552","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32591","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32623","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368751","reference_id":"2368751","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-42/","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-43/","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-44/","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-44/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-45/","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-46/","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-46/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1950001","reference_id":"show_bug.cgi?id=1950001","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1950001"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-5264"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c25m-7d3t-4qdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/347?format=json","vulnerability_id":"VCID-c67s-85rf-ekep","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2777","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20863","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20908","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20922","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442312","reference_id":"2442312","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442312"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015305","reference_id":"show_bug.cgi?id=2015305","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015305"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2777"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c67s-85rf-ekep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/335?format=json","vulnerability_id":"VCID-c6pn-yvm2-nkgp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2765","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07078","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07093","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07088","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442333","reference_id":"2442333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442333"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013562","reference_id":"show_bug.cgi?id=2013562","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013562"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2765"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c6pn-yvm2-nkgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/699?format=json","vulnerability_id":"VCID-cfa9-bcv2-xke8","summary":"A race during concurrent delazification could have led to a use-after-free.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1012.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1012","reference_id":"","reference_type":"","scores":[{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62777","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62767","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1012"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343765","reference_id":"2343765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343765"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-08/","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-08/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1939710","reference_id":"show_bug.cgi?id=1939710","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1939710"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1012"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cfa9-bcv2-xke8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/455?format=json","vulnerability_id":"VCID-ck16-s95h-wqf7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6776.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6776","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0281","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02855","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02864","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460110","reference_id":"2460110","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460110"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021770","reference_id":"show_bug.cgi?id=2021770","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021770"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6776"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ck16-s95h-wqf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/451?format=json","vulnerability_id":"VCID-csrv-t7e2-gqa5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6769.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6769.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6769","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15267","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15306","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15316","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460108","reference_id":"2460108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460108"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023753","reference_id":"show_bug.cgi?id=2023753","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023753"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6769"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csrv-t7e2-gqa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/321?format=json","vulnerability_id":"VCID-cut7-1fc1-77bj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7320.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7320.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7320","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17119","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17154","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17158","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7320"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463483","reference_id":"2463483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463483"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-35","reference_id":"mfsa2026-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-35/","reference_id":"mfsa2026-35","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-36/","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-37","reference_id":"mfsa2026-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-37/","reference_id":"mfsa2026-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-38","reference_id":"mfsa2026-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-38/","reference_id":"mfsa2026-38","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-38/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-39/","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-39/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19153","reference_id":"RHSA-2026:19153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19157","reference_id":"RHSA-2026:19157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19370","reference_id":"RHSA-2026:19370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19588","reference_id":"RHSA-2026:19588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20586","reference_id":"RHSA-2026:20586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21743","reference_id":"RHSA-2026:21743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22324","reference_id":"RHSA-2026:22324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22408","reference_id":"RHSA-2026:22408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22409","reference_id":"RHSA-2026:22409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22410","reference_id":"RHSA-2026:22410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22708","reference_id":"RHSA-2026:22708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22712","reference_id":"RHSA-2026:22712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22847","reference_id":"RHSA-2026:22847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22847"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027433","reference_id":"show_bug.cgi?id=2027433","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027433"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-7320"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cut7-1fc1-77bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/774?format=json","vulnerability_id":"VCID-cz8m-883z-xqg8","summary":"The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0237","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36949","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3692","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36955","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336182","reference_id":"2336182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336182"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915257","reference_id":"show_bug.cgi?id=1915257","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915257"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-0237"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz8m-883z-xqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350?format=json","vulnerability_id":"VCID-d1gw-1y42-cbgm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2780","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05549","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05566","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442334","reference_id":"2442334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442334"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2007829","reference_id":"show_bug.cgi?id=2007829","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2007829"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2780"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d1gw-1y42-cbgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/827?format=json","vulnerability_id":"VCID-d5cm-c9z9-y7gt","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13015.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13015","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1167","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11665","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13649","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13015"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414090","reference_id":"2414090","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414090"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-89/","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-89/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1994164","reference_id":"show_bug.cgi?id=1994164","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1994164"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13015"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d5cm-c9z9-y7gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/299?format=json","vulnerability_id":"VCID-dscu-jj1c-h3f5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4702","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07715","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4702"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450744","reference_id":"2450744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450744"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013560","reference_id":"show_bug.cgi?id=2013560","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013560"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4702"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dscu-jj1c-h3f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/801?format=json","vulnerability_id":"VCID-dup7-7s5q-p7f1","summary":"Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14333.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14333.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14333","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23382","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23321","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23367","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14333"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14333"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420502","reference_id":"2420502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420502"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1966501%2C1997639","reference_id":"buglist.cgi?bug_id=1966501%2C1997639","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1966501%2C1997639"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14333"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dup7-7s5q-p7f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/822?format=json","vulnerability_id":"VCID-e1h3-huhs-57cy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13018.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13018.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13018","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10582","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10605","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12161","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414079","reference_id":"2414079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414079"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1984940","reference_id":"show_bug.cgi?id=1984940","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1984940"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13018"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e1h3-huhs-57cy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/824?format=json","vulnerability_id":"VCID-e3wt-r6nd-fqd4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13013.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13013","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17354","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17358","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19592","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13013"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414091","reference_id":"2414091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414091"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-89/","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-89/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1991945","reference_id":"show_bug.cgi?id=1991945","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1991945"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13013"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3wt-r6nd-fqd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/412?format=json","vulnerability_id":"VCID-e6vb-fr1v-abe1","summary":"Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0891","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08664","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08684","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08669","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428963","reference_id":"2428963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428963"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278","reference_id":"buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0891"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6vb-fr1v-abe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/401?format=json","vulnerability_id":"VCID-e8nq-4szw-efau","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0878","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10288","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10331","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10311","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0878"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428965","reference_id":"2428965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428965"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003989","reference_id":"show_bug.cgi?id=2003989","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003989"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0878"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8nq-4szw-efau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/433?format=json","vulnerability_id":"VCID-e8uz-464h-jfct","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6746.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6746","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21387","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21341","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21402","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460112","reference_id":"2460112","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460112"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014596","reference_id":"show_bug.cgi?id=2014596","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014596"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6746"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8uz-464h-jfct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/450?format=json","vulnerability_id":"VCID-e9n9-xud9-dkgv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6767","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1669","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16651","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16693","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460086","reference_id":"2460086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460086"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023209","reference_id":"show_bug.cgi?id=2023209","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023209"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6767"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9n9-xud9-dkgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/402?format=json","vulnerability_id":"VCID-ec7k-fb24-jqg6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0879","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09279","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09282","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.093","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0879"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428973","reference_id":"2428973","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428973"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004602","reference_id":"show_bug.cgi?id=2004602","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004602"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0879"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ec7k-fb24-jqg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/310?format=json","vulnerability_id":"VCID-ewwr-wvtp-cygb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4714","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0661","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06621","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06622","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4714"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450725","reference_id":"2450725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450725"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018126","reference_id":"show_bug.cgi?id=2018126","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018126"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4714"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewwr-wvtp-cygb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/444?format=json","vulnerability_id":"VCID-exx3-yz3e-3uhq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6761.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6761","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15267","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15306","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15316","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460099","reference_id":"2460099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460099"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017857","reference_id":"show_bug.cgi?id=2017857","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017857"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6761"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-exx3-yz3e-3uhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/305?format=json","vulnerability_id":"VCID-ey5c-yskx-nqbe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4709","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08043","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0806","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08047","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450726","reference_id":"2450726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450726"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016329","reference_id":"show_bug.cgi?id=2016329","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016329"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016342","reference_id":"show_bug.cgi?id=2016342","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4709"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ey5c-yskx-nqbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/294?format=json","vulnerability_id":"VCID-f2wb-161u-suc3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4697","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06466","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06477","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06484","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450729","reference_id":"2450729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450729"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020422","reference_id":"show_bug.cgi?id=2020422","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020422"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4697"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f2wb-161u-suc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/409?format=json","vulnerability_id":"VCID-f6tr-3mnj-yqhb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0886","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05687","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05701","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0886"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428978","reference_id":"2428978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428978"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005658","reference_id":"show_bug.cgi?id=2005658","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005658"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0886"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f6tr-3mnj-yqhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/327?format=json","vulnerability_id":"VCID-f9cx-t7df-vkad","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2757","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21359","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21405","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21419","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442324","reference_id":"2442324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442324"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2001637","reference_id":"show_bug.cgi?id=2001637","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2001637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2757"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9cx-t7df-vkad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/446?format=json","vulnerability_id":"VCID-fgwr-7rn9-qked","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6763.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6763","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19185","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19232","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19229","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460101","reference_id":"2460101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460101"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021666","reference_id":"show_bug.cgi?id=2021666","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6763"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgwr-7rn9-qked"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104?format=json","vulnerability_id":"VCID-fqnp-zeze-yfcj","summary":"A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458","reference_id":"","reference_type":"","scores":[{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64251","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64262","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64254","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428","reference_id":"2322428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733","reference_id":"show_bug.cgi?id=1921733","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10458"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqnp-zeze-yfcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/759?format=json","vulnerability_id":"VCID-fvdd-938n-2ybc","summary":"Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1937","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49225","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49232","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49242","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349795","reference_id":"2349795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349795"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716","reference_id":"buglist.cgi?bug_id=1938471%2C1940716","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2899","reference_id":"RHSA-2025:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2900","reference_id":"RHSA-2025:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2957","reference_id":"RHSA-2025:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2958","reference_id":"RHSA-2025:2958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2959","reference_id":"RHSA-2025:2959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2960","reference_id":"RHSA-2025:2960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3009","reference_id":"RHSA-2025:3009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3013","reference_id":"RHSA-2025:3013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3036","reference_id":"RHSA-2025:3036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3036"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1937"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fvdd-938n-2ybc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/322?format=json","vulnerability_id":"VCID-g2m7-vtmy-bfb2","summary":"Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7322.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7322.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7322","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06618","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06629","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0663","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7322"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463484","reference_id":"2463484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-35","reference_id":"mfsa2026-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-35/","reference_id":"mfsa2026-35","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-36/","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-37","reference_id":"mfsa2026-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-37/","reference_id":"mfsa2026-37","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-38","reference_id":"mfsa2026-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-38/","reference_id":"mfsa2026-38","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-38/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-39/","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-39/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19153","reference_id":"RHSA-2026:19153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19157","reference_id":"RHSA-2026:19157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19370","reference_id":"RHSA-2026:19370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19588","reference_id":"RHSA-2026:19588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20586","reference_id":"RHSA-2026:20586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21743","reference_id":"RHSA-2026:21743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22324","reference_id":"RHSA-2026:22324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22408","reference_id":"RHSA-2026:22408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22409","reference_id":"RHSA-2026:22409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22410","reference_id":"RHSA-2026:22410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22708","reference_id":"RHSA-2026:22708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22712","reference_id":"RHSA-2026:22712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22847","reference_id":"RHSA-2026:22847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22847"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-7322"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g2m7-vtmy-bfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/453?format=json","vulnerability_id":"VCID-g32m-6zmz-fbeq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6771.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6771","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21009","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21054","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21068","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460105","reference_id":"2460105","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460105"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2025067","reference_id":"show_bug.cgi?id=2025067","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2025067"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6771"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g32m-6zmz-fbeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/795?format=json","vulnerability_id":"VCID-gsbq-8nr4-7bga","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14324.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14324.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14324","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22155","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22202","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22215","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14324"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14324"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420517","reference_id":"2420517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420517"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-93/","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-93/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996840","reference_id":"show_bug.cgi?id=1996840","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996840"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14324"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gsbq-8nr4-7bga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/358?format=json","vulnerability_id":"VCID-gseh-9bmg-q3hp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2788","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07277","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07292","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07287","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442302","reference_id":"2442302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442302"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014824","reference_id":"show_bug.cgi?id=2014824","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014824"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2788"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gseh-9bmg-q3hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/448?format=json","vulnerability_id":"VCID-guav-jpev-qqbw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6765.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6765","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14883","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14924","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14927","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460107","reference_id":"2460107","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460107"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022419","reference_id":"show_bug.cgi?id=2022419","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022419"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6765"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-guav-jpev-qqbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359?format=json","vulnerability_id":"VCID-hcft-s1u3-hkbp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2789","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05876","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05874","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05883","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442322","reference_id":"2442322","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442322"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015179","reference_id":"show_bug.cgi?id=2015179","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015179"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2789"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcft-s1u3-hkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355?format=json","vulnerability_id":"VCID-j3vd-wt1f-g3gj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2785","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05744","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05743","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05757","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442284","reference_id":"2442284","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442284"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013549","reference_id":"show_bug.cgi?id=2013549","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013549"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2785"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j3vd-wt1f-g3gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/403?format=json","vulnerability_id":"VCID-j79f-pxjk-7qdh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0880","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07945","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07958","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0797","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0880"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428975","reference_id":"2428975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428975"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005014","reference_id":"show_bug.cgi?id=2005014","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005014"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0880"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j79f-pxjk-7qdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/449?format=json","vulnerability_id":"VCID-je5a-edxm-rybv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6766","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15429","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15479","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1547","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460097","reference_id":"2460097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460097"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023207","reference_id":"show_bug.cgi?id=2023207","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2023207"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6766"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-je5a-edxm-rybv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/306?format=json","vulnerability_id":"VCID-jqar-tqxb-23bu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4710","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07715","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450727","reference_id":"2450727","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450727"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016370","reference_id":"show_bug.cgi?id=2016370","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016370"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4710"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jqar-tqxb-23bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/690?format=json","vulnerability_id":"VCID-k1zc-ud5s-3ug9","summary":"JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3028.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3028.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3028","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31578","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31505","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31542","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3028"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356562","reference_id":"2356562","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356562"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-21","reference_id":"mfsa2025-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-21/","reference_id":"mfsa2025-21","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-22/","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-24/","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3556","reference_id":"RHSA-2025:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3581","reference_id":"RHSA-2025:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3582","reference_id":"RHSA-2025:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3587","reference_id":"RHSA-2025:3587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3589","reference_id":"RHSA-2025:3589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3590","reference_id":"RHSA-2025:3590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3620","reference_id":"RHSA-2025:3620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3621","reference_id":"RHSA-2025:3621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3623","reference_id":"RHSA-2025:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3628","reference_id":"RHSA-2025:3628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4026","reference_id":"RHSA-2025:4026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4027","reference_id":"RHSA-2025:4027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4028","reference_id":"RHSA-2025:4028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4029","reference_id":"RHSA-2025:4029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4030","reference_id":"RHSA-2025:4030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4031","reference_id":"RHSA-2025:4031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4032","reference_id":"RHSA-2025:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4169","reference_id":"RHSA-2025:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4170","reference_id":"RHSA-2025:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7491","reference_id":"RHSA-2025:7491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7493","reference_id":"RHSA-2025:7493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7493"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1941002","reference_id":"show_bug.cgi?id=1941002","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1941002"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-3028"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1zc-ud5s-3ug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/289?format=json","vulnerability_id":"VCID-k618-8ukj-wuc2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4692","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09666","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09692","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09673","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450748","reference_id":"2450748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450748"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017643","reference_id":"show_bug.cgi?id=2017643","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4692"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k618-8ukj-wuc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/328?format=json","vulnerability_id":"VCID-km6r-axw9-c7gm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2758","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21359","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21405","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21419","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442337","reference_id":"2442337","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442337"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009608","reference_id":"show_bug.cgi?id=2009608","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2009608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2758"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-km6r-axw9-c7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/794?format=json","vulnerability_id":"VCID-knq9-pjhx-7qcn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14323.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14323.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14323","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18288","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18251","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18285","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14323"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420513","reference_id":"2420513","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420513"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-93"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-93/","reference_id":"mfsa2025-93","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-93/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996555","reference_id":"show_bug.cgi?id=1996555","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996555"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14323"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knq9-pjhx-7qcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111?format=json","vulnerability_id":"VCID-ks9t-n26j-cqg2","summary":"Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464","reference_id":"","reference_type":"","scores":[{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67307","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67319","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67312","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424","reference_id":"2322424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000","reference_id":"show_bug.cgi?id=1913000","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10464"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ks9t-n26j-cqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/797?format=json","vulnerability_id":"VCID-ksbf-a1e1-cucg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14328.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14328.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14328","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17931","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17971","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17968","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14328"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420508","reference_id":"2420508","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420508"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996761","reference_id":"show_bug.cgi?id=1996761","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1996761"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14328"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ksbf-a1e1-cucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/741?format=json","vulnerability_id":"VCID-kssx-csgu-3yg3","summary":"A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5283","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50933","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50954","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50949","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689","reference_id":"1106689","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368749","reference_id":"2368749","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368749"},{"reference_url":"https://issues.chromium.org/issues/419467315","reference_id":"419467315","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/"}],"url":"https://issues.chromium.org/issues/419467315"},{"reference_url":"https://security.gentoo.org/glsa/202509-07","reference_id":"GLSA-202509-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9118","reference_id":"RHSA-2025:9118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9119","reference_id":"RHSA-2025:9119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9120","reference_id":"RHSA-2025:9120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9122","reference_id":"RHSA-2025:9122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9123","reference_id":"RHSA-2025:9123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9124","reference_id":"RHSA-2025:9124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9125","reference_id":"RHSA-2025:9125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9126","reference_id":"RHSA-2025:9126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9127","reference_id":"RHSA-2025:9127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9128","reference_id":"RHSA-2025:9128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9331","reference_id":"RHSA-2025:9331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9331"},{"reference_url":"https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html","reference_id":"stable-channel-update-for-desktop_27.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/"}],"url":"https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html"},{"reference_url":"https://usn.ubuntu.com/7551-1/","reference_id":"USN-7551-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7551-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-5283"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kssx-csgu-3yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/823?format=json","vulnerability_id":"VCID-kxwc-x4t6-bqha","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13019.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13019.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13019","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10582","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10605","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12161","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13019"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414084","reference_id":"2414084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414084"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1988412","reference_id":"show_bug.cgi?id=1988412","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1988412"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13019"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxwc-x4t6-bqha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/757?format=json","vulnerability_id":"VCID-kzhd-pzmd-9kgz","summary":"A web page could trick a user into setting that site as the default handler for a custom URL protocol.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1935","reference_id":"","reference_type":"","scores":[{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45531","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45551","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45547","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349792","reference_id":"2349792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349792"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1866661","reference_id":"show_bug.cgi?id=1866661","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1866661"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1935"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kzhd-pzmd-9kgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/435?format=json","vulnerability_id":"VCID-m8yj-u8ak-8fe7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6748.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6748.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6748","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21492","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21539","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21552","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460103","reference_id":"2460103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460103"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022604","reference_id":"show_bug.cgi?id=2022604","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022604"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6748"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8yj-u8ak-8fe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297?format=json","vulnerability_id":"VCID-mda2-95w5-mber","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4700","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07477","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07499","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07491","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450752","reference_id":"2450752","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450752"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003766","reference_id":"show_bug.cgi?id=2003766","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003766"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4700"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mda2-95w5-mber"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/456?format=json","vulnerability_id":"VCID-mgkq-skqv-mucw","summary":"Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6785.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6785.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6785","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04456","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04433","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04446","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460104","reference_id":"2460104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460104"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6785"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mgkq-skqv-mucw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/457?format=json","vulnerability_id":"VCID-mhsk-ne56-z7ay","summary":"Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6786.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6786","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04271","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04259","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04268","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460088","reference_id":"2460088","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460088"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6786"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhsk-ne56-z7ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/332?format=json","vulnerability_id":"VCID-mub8-ugwz-s7et","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2762","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07078","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07093","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07088","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442308","reference_id":"2442308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442308"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011649","reference_id":"show_bug.cgi?id=2011649","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011649"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2762"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mub8-ugwz-s7et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/796?format=json","vulnerability_id":"VCID-mw84-a5x5-4qb6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14325.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14325.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14325","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27731","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27768","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2782","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14325"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420504","reference_id":"2420504","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420504"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1998050","reference_id":"show_bug.cgi?id=1998050","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1998050"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14325"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mw84-a5x5-4qb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/366?format=json","vulnerability_id":"VCID-n2mh-6a9s-n3a4","summary":"Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8092.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8092.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8092","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06491","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06475","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06485","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8092"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467708","reference_id":"2467708","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467708"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1806249%2C2021977%2C2022576%2C2022722%2C2024439%2C2027883%2C2029463%2C2030323%2C2032042%2C2032043%2C2033270%2C2033637%2C2034422%2C2034496%2C2035879%2C2036516","reference_id":"buglist.cgi?bug_id=1806249%2C2021977%2C2022576%2C2022722%2C2024439%2C2027883%2C2029463%2C2030323%2C2032042%2C2032043%2C2033270%2C2033637%2C2034422%2C2034496%2C2035879%2C2036516","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1806249%2C2021977%2C2022576%2C2022722%2C2024439%2C2027883%2C2029463%2C2030323%2C2032042%2C2032043%2C2033270%2C2033637%2C2034422%2C2034496%2C2035879%2C2036516"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-40","reference_id":"mfsa2026-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-40/","reference_id":"mfsa2026-40","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-41","reference_id":"mfsa2026-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-41/","reference_id":"mfsa2026-41","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-42","reference_id":"mfsa2026-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-42/","reference_id":"mfsa2026-42","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-43","reference_id":"mfsa2026-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-43/","reference_id":"mfsa2026-43","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-44","reference_id":"mfsa2026-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-44/","reference_id":"mfsa2026-44","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19160","reference_id":"RHSA-2026:19160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20566","reference_id":"RHSA-2026:20566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20574","reference_id":"RHSA-2026:20574","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20574"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-8092"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n2mh-6a9s-n3a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/779?format=json","vulnerability_id":"VCID-nca6-dfj3-1fa6","summary":"Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0242","reference_id":"","reference_type":"","scores":[{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85416","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.8541","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85411","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336181","reference_id":"2336181","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336181"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169","reference_id":"buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-03/","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-0242"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nca6-dfj3-1fa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/285?format=json","vulnerability_id":"VCID-nfdb-d7u5-afda","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4688","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07539","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07559","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07552","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450713","reference_id":"2450713","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450713"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016373","reference_id":"show_bug.cgi?id=2016373","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016373"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4688"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nfdb-d7u5-afda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/780?format=json","vulnerability_id":"VCID-nmb9-5mgu-dqhe","summary":"Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0243","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12568","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12535","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12571","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336175","reference_id":"2336175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336175"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783","reference_id":"buglist.cgi?bug_id=1827142%2C1932783","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-0243"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmb9-5mgu-dqhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/406?format=json","vulnerability_id":"VCID-nyfk-bz4w-akce","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0883","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04163","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04177","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04176","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428968","reference_id":"2428968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428968"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989340","reference_id":"show_bug.cgi?id=1989340","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989340"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0883"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyfk-bz4w-akce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105?format=json","vulnerability_id":"VCID-p88y-3xt6-afan","summary":"An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459","reference_id":"","reference_type":"","scores":[{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72651","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72669","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72662","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429","reference_id":"2322429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087","reference_id":"show_bug.cgi?id=1919087","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10459"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p88y-3xt6-afan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/700?format=json","vulnerability_id":"VCID-pah8-n6cz-c7b9","summary":"Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1016.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1016","reference_id":"","reference_type":"","scores":[{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54804","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54811","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.548","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1016"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343752","reference_id":"2343752","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343752"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1936601%2C1936844%2C1937694%2C1938469%2C1939583%2C1940994","reference_id":"buglist.cgi?bug_id=1936601%2C1936844%2C1937694%2C1938469%2C1939583%2C1940994","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1936601%2C1936844%2C1937694%2C1938469%2C1939583%2C1940994"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-08"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-08/","reference_id":"mfsa2025-08","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-08/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1016"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pah8-n6cz-c7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/283?format=json","vulnerability_id":"VCID-pqwt-yndd-47fb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4686","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08063","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0805","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450734","reference_id":"2450734","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450734"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016351","reference_id":"show_bug.cgi?id=2016351","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016351"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4686"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pqwt-yndd-47fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/825?format=json","vulnerability_id":"VCID-prm8-r4q1-zber","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13020.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13020","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17971","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17968","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20283","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13020"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414085","reference_id":"2414085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414085"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1995686","reference_id":"show_bug.cgi?id=1995686","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1995686"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13020"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prm8-r4q1-zber"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26?format=json","vulnerability_id":"VCID-ptff-qrsj-1yew","summary":"Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3774","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37771","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37768","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950","reference_id":"2315950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_id":"buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-9401"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptff-qrsj-1yew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/748?format=json","vulnerability_id":"VCID-px5p-xdma-c7da","summary":"A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5267","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57919","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5793","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57922","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368750","reference_id":"2368750","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368750"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-42/","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-44/","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-44/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-45/","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-46/","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-46/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1954137","reference_id":"show_bug.cgi?id=1954137","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1954137"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-5267"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-px5p-xdma-c7da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/407?format=json","vulnerability_id":"VCID-q5ez-a8hu-17hc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0884","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09152","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09134","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0884"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428967","reference_id":"2428967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428967"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003588","reference_id":"show_bug.cgi?id=2003588","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003588"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0884"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5ez-a8hu-17hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/767?format=json","vulnerability_id":"VCID-qaeb-t2y3-v3ce","summary":"Thunderbird executed javascript: URLs when used in object and embed tags.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8029.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8029","reference_id":"","reference_type":"","scores":[{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51339","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51324","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51345","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8029"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382720","reference_id":"2382720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382720"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1928021","reference_id":"show_bug.cgi?id=1928021","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1928021"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8029"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qaeb-t2y3-v3ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/845?format=json","vulnerability_id":"VCID-qknk-w6fq-7ybb","summary":"Use-after-free in MediaTrackGraphImpl::GetInstance()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11708.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11708.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11708","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25579","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25624","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25633","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403769","reference_id":"2403769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403769"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18154","reference_id":"RHSA-2025:18154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18155","reference_id":"RHSA-2025:18155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18285","reference_id":"RHSA-2025:18285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18320","reference_id":"RHSA-2025:18320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18321","reference_id":"RHSA-2025:18321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18983","reference_id":"RHSA-2025:18983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19278","reference_id":"RHSA-2025:19278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19938","reference_id":"RHSA-2025:19938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19939","reference_id":"RHSA-2025:19939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19941","reference_id":"RHSA-2025:19941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19942","reference_id":"RHSA-2025:19942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19943","reference_id":"RHSA-2025:19943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19944","reference_id":"RHSA-2025:19944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19945","reference_id":"RHSA-2025:19945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21054","reference_id":"RHSA-2025:21054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21055","reference_id":"RHSA-2025:21055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21056","reference_id":"RHSA-2025:21056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21057","reference_id":"RHSA-2025:21057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21058","reference_id":"RHSA-2025:21058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21059","reference_id":"RHSA-2025:21059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21064","reference_id":"RHSA-2025:21064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21064"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1988931","reference_id":"show_bug.cgi?id=1988931","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1988931"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-11708"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qknk-w6fq-7ybb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/726?format=json","vulnerability_id":"VCID-qs65-ts7s-zkb1","summary":"An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4918.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4918","reference_id":"","reference_type":"","scores":[{"value":"0.00994","scoring_system":"epss","scoring_elements":"0.77299","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00994","scoring_system":"epss","scoring_elements":"0.7731","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4918"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367016","reference_id":"2367016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367016"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-36","reference_id":"mfsa2025-36","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-36/","reference_id":"mfsa2025-36","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-37","reference_id":"mfsa2025-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-37/","reference_id":"mfsa2025-37","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-38","reference_id":"mfsa2025-38","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-38/","reference_id":"mfsa2025-38","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-38/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-40","reference_id":"mfsa2025-40","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-40/","reference_id":"mfsa2025-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-41","reference_id":"mfsa2025-41","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-41/","reference_id":"mfsa2025-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-41/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8049","reference_id":"RHSA-2025:8049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8060","reference_id":"RHSA-2025:8060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8125","reference_id":"RHSA-2025:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8369","reference_id":"RHSA-2025:8369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8370","reference_id":"RHSA-2025:8370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8371","reference_id":"RHSA-2025:8371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8465","reference_id":"RHSA-2025:8465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8639","reference_id":"RHSA-2025:8639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8640","reference_id":"RHSA-2025:8640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8645","reference_id":"RHSA-2025:8645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8807","reference_id":"RHSA-2025:8807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8807"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1966612","reference_id":"show_bug.cgi?id=1966612","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1966612"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-4918"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qs65-ts7s-zkb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/722?format=json","vulnerability_id":"VCID-qxnq-dd84-xuf7","summary":"Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1017.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1017","reference_id":"","reference_type":"","scores":[{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.5434","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.54343","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.54351","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343748","reference_id":"2343748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343748"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1926256%2C1935984%2C1935471","reference_id":"buglist.cgi?bug_id=1926256%2C1935984%2C1935471","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1926256%2C1935984%2C1935471"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1017"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qxnq-dd84-xuf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114?format=json","vulnerability_id":"VCID-qz54-4jzp-4yam","summary":"Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67712","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67721","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67715","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433","reference_id":"2322433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_id":"buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10467"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qz54-4jzp-4yam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/773?format=json","vulnerability_id":"VCID-qzbt-quzy-kkez","summary":"Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8035.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8035","reference_id":"","reference_type":"","scores":[{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61403","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61397","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.6141","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8035"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382703","reference_id":"2382703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382703"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1975961","reference_id":"show_bug.cgi?id=1975961","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1975961"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8035"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzbt-quzy-kkez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81?format=json","vulnerability_id":"VCID-r67t-hasn-nqda","summary":"When handling keypress events, an attacker may have been able to trick a user into bypassing the \"Open Executable File?\" confirmation dialog. This could have led to malicious code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11697","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25628","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25685","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25676","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328950","reference_id":"2328950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328950"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842187","reference_id":"show_bug.cgi?id=1842187","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842187"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-11697"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r67t-hasn-nqda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/751?format=json","vulnerability_id":"VCID-r8k6-4mbk-v3cx","summary":"In resizeToAtLeast of SkRegion.cpp, there was a possible out of bounds write due to an integer overflow","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43097","reference_id":"","reference_type":"","scores":[{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.76263","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.76268","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.7627","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://source.android.com/security/bulletin/2024-12-01","reference_id":"2024-12-01","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/"}],"url":"https://source.android.com/security/bulletin/2024-12-01"},{"reference_url":"https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7","reference_id":"8d355fe1d0795fc30b84194b87563f75c6f8f2a7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/"}],"url":"https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-43097"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8k6-4mbk-v3cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/820?format=json","vulnerability_id":"VCID-ramb-mrss-xfb2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13016.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13016","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1031","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10329","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11847","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13016"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414083","reference_id":"2414083","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414083"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1992130","reference_id":"show_bug.cgi?id=1992130","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1992130"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13016"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ramb-mrss-xfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/819?format=json","vulnerability_id":"VCID-rcjm-fsst-qfec","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13012.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13012","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1661","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16614","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.1883","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13012"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414086","reference_id":"2414086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414086"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-87"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-87/","reference_id":"mfsa2025-87","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-87/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-88"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-88/","reference_id":"mfsa2025-88","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-88/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-89"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-89/","reference_id":"mfsa2025-89","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-89/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-90"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-90/","reference_id":"mfsa2025-90","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-90/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-91"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-91/","reference_id":"mfsa2025-91","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-91/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21120","reference_id":"RHSA-2025:21120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21121","reference_id":"RHSA-2025:21121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21280","reference_id":"RHSA-2025:21280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21281","reference_id":"RHSA-2025:21281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21841","reference_id":"RHSA-2025:21841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21842","reference_id":"RHSA-2025:21842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21843","reference_id":"RHSA-2025:21843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21844","reference_id":"RHSA-2025:21844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21881","reference_id":"RHSA-2025:21881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22363","reference_id":"RHSA-2025:22363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22367","reference_id":"RHSA-2025:22367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22368","reference_id":"RHSA-2025:22368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22369","reference_id":"RHSA-2025:22369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22371","reference_id":"RHSA-2025:22371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22372","reference_id":"RHSA-2025:22372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22373","reference_id":"RHSA-2025:22373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22374","reference_id":"RHSA-2025:22374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22375","reference_id":"RHSA-2025:22375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22449","reference_id":"RHSA-2025:22449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22450","reference_id":"RHSA-2025:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22451","reference_id":"RHSA-2025:22451","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22451"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22791","reference_id":"RHSA-2025:22791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22792","reference_id":"RHSA-2025:22792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22882","reference_id":"RHSA-2025:22882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22883","reference_id":"RHSA-2025:22883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22883"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1991458","reference_id":"show_bug.cgi?id=1991458","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1991458"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-13012"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcjm-fsst-qfec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/349?format=json","vulnerability_id":"VCID-rdbw-wqqa-qbg2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2779","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07078","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07093","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07088","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442327","reference_id":"2442327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442327"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1164141","reference_id":"show_bug.cgi?id=1164141","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1164141"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2779"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rdbw-wqqa-qbg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/798?format=json","vulnerability_id":"VCID-rdkw-c71j-dyg5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14329.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14329.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14329","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17931","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17971","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17968","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14329"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420509","reference_id":"2420509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420509"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1997018","reference_id":"show_bug.cgi?id=1997018","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1997018"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14329"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rdkw-c71j-dyg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/755?format=json","vulnerability_id":"VCID-rj9d-hjtt-u7ba","summary":"On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1933","reference_id":"","reference_type":"","scores":[{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65849","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65851","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65863","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349794","reference_id":"2349794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349794"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1946004","reference_id":"show_bug.cgi?id=1946004","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1946004"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1933"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rj9d-hjtt-u7ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/312?format=json","vulnerability_id":"VCID-rpb6-npgx-gqfh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4716","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07715","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4716"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450720","reference_id":"2450720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450720"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018592","reference_id":"show_bug.cgi?id=2018592","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2018592"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4716"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rpb6-npgx-gqfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/441?format=json","vulnerability_id":"VCID-rxhp-bnpw-5ucc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6754.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6754","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21341","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21402","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21387","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460075","reference_id":"2460075","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460075"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027541","reference_id":"show_bug.cgi?id=2027541","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027541"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6754"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxhp-bnpw-5ucc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/732?format=json","vulnerability_id":"VCID-s23u-gwjc-7keh","summary":"Same-origin policy bypass in the Graphics: Canvas2D component.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9180.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9180","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1922","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19264","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19267","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9180"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389581","reference_id":"2389581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389581"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-64/","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-65","reference_id":"mfsa2025-65","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-65"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-65/","reference_id":"mfsa2025-65","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-65/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-66/","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-66/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-67/","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-70/","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-70/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-71/","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-71/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-72/","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-72/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14416","reference_id":"RHSA-2025:14416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14417","reference_id":"RHSA-2025:14417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14442","reference_id":"RHSA-2025:14442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14640","reference_id":"RHSA-2025:14640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14743","reference_id":"RHSA-2025:14743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14844","reference_id":"RHSA-2025:14844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15418","reference_id":"RHSA-2025:15418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15419","reference_id":"RHSA-2025:15419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15420","reference_id":"RHSA-2025:15420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15421","reference_id":"RHSA-2025:15421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15422","reference_id":"RHSA-2025:15422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15423","reference_id":"RHSA-2025:15423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15424","reference_id":"RHSA-2025:15424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15430","reference_id":"RHSA-2025:15430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15434","reference_id":"RHSA-2025:15434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15435","reference_id":"RHSA-2025:15435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15436","reference_id":"RHSA-2025:15436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15437","reference_id":"RHSA-2025:15437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15438","reference_id":"RHSA-2025:15438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15496","reference_id":"RHSA-2025:15496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15535","reference_id":"RHSA-2025:15535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15535"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979782","reference_id":"show_bug.cgi?id=1979782","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979782"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-9180"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s23u-gwjc-7keh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/702?format=json","vulnerability_id":"VCID-s5d5-smkc-fbba","summary":"An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6425.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6425.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6425","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61807","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61796","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61798","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6425"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6425","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6425"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374562","reference_id":"2374562","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374562"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-51/","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-52","reference_id":"mfsa2025-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-52"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-52/","reference_id":"mfsa2025-52","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-52/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-53/","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-53/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-54/","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-55/","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-55/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10072","reference_id":"RHSA-2025:10072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10073","reference_id":"RHSA-2025:10073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10074","reference_id":"RHSA-2025:10074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10159","reference_id":"RHSA-2025:10159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10160","reference_id":"RHSA-2025:10160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10161","reference_id":"RHSA-2025:10161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10163","reference_id":"RHSA-2025:10163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10164","reference_id":"RHSA-2025:10164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10165","reference_id":"RHSA-2025:10165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10166","reference_id":"RHSA-2025:10166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10181","reference_id":"RHSA-2025:10181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10182","reference_id":"RHSA-2025:10182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10182"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10183","reference_id":"RHSA-2025:10183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10184","reference_id":"RHSA-2025:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10185","reference_id":"RHSA-2025:10185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10186","reference_id":"RHSA-2025:10186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10187","reference_id":"RHSA-2025:10187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10188","reference_id":"RHSA-2025:10188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10195","reference_id":"RHSA-2025:10195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10196","reference_id":"RHSA-2025:10196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10246","reference_id":"RHSA-2025:10246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10246"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1717672","reference_id":"show_bug.cgi?id=1717672","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1717672"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-6425"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s5d5-smkc-fbba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/363?format=json","vulnerability_id":"VCID-sdan-9u9t-dqdk","summary":"Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2793","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22511","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2256","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22573","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442287","reference_id":"2442287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442287"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498","reference_id":"buglist.cgi?bug_id=2015196%2C2016423%2C2016498","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2793"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdan-9u9t-dqdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/362?format=json","vulnerability_id":"VCID-smme-p7kr-1bby","summary":"Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2792","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22191","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22238","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22251","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442318","reference_id":"2442318","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442318"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331","reference_id":"buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2792"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smme-p7kr-1bby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/436?format=json","vulnerability_id":"VCID-sn7g-bszk-7khh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6749.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6749","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17154","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17119","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17158","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460096","reference_id":"2460096","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460096"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022610","reference_id":"show_bug.cgi?id=2022610","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2022610"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6749"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sn7g-bszk-7khh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/716?format=json","vulnerability_id":"VCID-sqaj-rvcg-5fe5","summary":"Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10537.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10537.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10537","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2669","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2673","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2674","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395759","reference_id":"2395759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395759"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938220%2C1980730%2C1981280%2C1981283%2C1984505%2C1985067","reference_id":"buglist.cgi?bug_id=1938220%2C1980730%2C1981280%2C1981283%2C1984505%2C1985067","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938220%2C1980730%2C1981280%2C1981283%2C1984505%2C1985067"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-73/","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-73/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-75/","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-75/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-77/","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-77/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-78/","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-78/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16108","reference_id":"RHSA-2025:16108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16109","reference_id":"RHSA-2025:16109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16156","reference_id":"RHSA-2025:16156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16157","reference_id":"RHSA-2025:16157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16260","reference_id":"RHSA-2025:16260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16589","reference_id":"RHSA-2025:16589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17340","reference_id":"RHSA-2025:17340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17341","reference_id":"RHSA-2025:17341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17342","reference_id":"RHSA-2025:17342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17343","reference_id":"RHSA-2025:17343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17344","reference_id":"RHSA-2025:17344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17345","reference_id":"RHSA-2025:17345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17346","reference_id":"RHSA-2025:17346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17367","reference_id":"RHSA-2025:17367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17368","reference_id":"RHSA-2025:17368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17371","reference_id":"RHSA-2025:17371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17372","reference_id":"RHSA-2025:17372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17373","reference_id":"RHSA-2025:17373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17374","reference_id":"RHSA-2025:17374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17378","reference_id":"RHSA-2025:17378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17453","reference_id":"RHSA-2025:17453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17453"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-10537"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sqaj-rvcg-5fe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/792?format=json","vulnerability_id":"VCID-swrh-3acx-5bfn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14321.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14321.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14321","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24966","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24898","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24954","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14321"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420503","reference_id":"2420503","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420503"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1992760","reference_id":"show_bug.cgi?id=1992760","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1992760"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14321"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swrh-3acx-5bfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/365?format=json","vulnerability_id":"VCID-szne-daeu-yyaf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8094.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8094","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05703","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05704","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05717","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467706","reference_id":"2467706","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467706"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-41","reference_id":"mfsa2026-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-41/","reference_id":"mfsa2026-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:35:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-44","reference_id":"mfsa2026-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-44/","reference_id":"mfsa2026-44","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:35:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19160","reference_id":"RHSA-2026:19160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20566","reference_id":"RHSA-2026:20566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20574","reference_id":"RHSA-2026:20574","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20574"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2035939","reference_id":"show_bug.cgi?id=2035939","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:35:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2035939"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-8094"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-szne-daeu-yyaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/396?format=json","vulnerability_id":"VCID-t1vq-j38a-2ygb","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8091","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0679","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06782","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06794","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8091"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-36/","reference_id":"mfsa2026-36","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-39/","reference_id":"mfsa2026-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-42","reference_id":"mfsa2026-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-42/","reference_id":"mfsa2026-42","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-42/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029301","reference_id":"show_bug.cgi?id=2029301","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029301"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-8091"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1vq-j38a-2ygb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108?format=json","vulnerability_id":"VCID-t2ta-b79e-gbe8","summary":"Truncation of a long URL could have allowed origin spoofing in a permission prompt.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66423","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66439","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66431","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440","reference_id":"2322440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423","reference_id":"show_bug.cgi?id=1920423","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10462"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ta-b79e-gbe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/408?format=json","vulnerability_id":"VCID-t49a-dxu7-6qhp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0885","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0738","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07402","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07396","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428961","reference_id":"2428961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428961"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003607","reference_id":"show_bug.cgi?id=2003607","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2003607"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0885"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t49a-dxu7-6qhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340?format=json","vulnerability_id":"VCID-tc5e-e18p-4qhf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2770","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04966","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04974","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04988","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442343","reference_id":"2442343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442343"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014585","reference_id":"show_bug.cgi?id=2014585","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2770"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tc5e-e18p-4qhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/346?format=json","vulnerability_id":"VCID-tes3-9dxj-87gb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2776","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08653","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0865","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08669","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442291","reference_id":"2442291","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442291"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015266","reference_id":"show_bug.cgi?id=2015266","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015266"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2776"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tes3-9dxj-87gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/393?format=json","vulnerability_id":"VCID-ty3k-pg97-7ff9","summary":"Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5734","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20326","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20365","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20374","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5734"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455897","reference_id":"2455897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455897"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505","reference_id":"buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-25","reference_id":"mfsa2026-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-25/","reference_id":"mfsa2026-25","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-27","reference_id":"mfsa2026-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-27"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-27/","reference_id":"mfsa2026-27","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-27/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-28","reference_id":"mfsa2026-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-28/","reference_id":"mfsa2026-28","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-29","reference_id":"mfsa2026-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-29/","reference_id":"mfsa2026-29","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-29/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11805","reference_id":"RHSA-2026:11805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11813","reference_id":"RHSA-2026:11813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12264","reference_id":"RHSA-2026:12264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13342","reference_id":"RHSA-2026:13342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13412","reference_id":"RHSA-2026:13412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13533","reference_id":"RHSA-2026:13533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13582","reference_id":"RHSA-2026:13582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13583","reference_id":"RHSA-2026:13583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13596","reference_id":"RHSA-2026:13596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13600","reference_id":"RHSA-2026:13600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13665","reference_id":"RHSA-2026:13665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13682","reference_id":"RHSA-2026:13682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13683","reference_id":"RHSA-2026:13683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13922","reference_id":"RHSA-2026:13922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13977","reference_id":"RHSA-2026:13977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14223","reference_id":"RHSA-2026:14223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14303","reference_id":"RHSA-2026:14303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15889","reference_id":"RHSA-2026:15889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7671","reference_id":"RHSA-2026:7671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7672","reference_id":"RHSA-2026:7672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8052","reference_id":"RHSA-2026:8052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8459","reference_id":"RHSA-2026:8459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9345","reference_id":"RHSA-2026:9345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9638","reference_id":"RHSA-2026:9638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9638"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-5734"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ty3k-pg97-7ff9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/314?format=json","vulnerability_id":"VCID-tyba-j6k8-z3hh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59375","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27498","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27536","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27587","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/libexpat/libexpat/issues/1018","reference_id":"1018","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/"}],"url":"https://github.com/libexpat/libexpat/issues/1018"},{"reference_url":"https://github.com/libexpat/libexpat/pull/1034","reference_id":"1034","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/"}],"url":"https://github.com/libexpat/libexpat/pull/1034"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298","reference_id":"1115298","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395108","reference_id":"2395108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395108"},{"reference_url":"https://issues.oss-fuzz.com/issues/439133977","reference_id":"439133977","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/"}],"url":"https://issues.oss-fuzz.com/issues/439133977"},{"reference_url":"https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes","reference_id":"Changes","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/"}],"url":"https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes"},{"reference_url":"https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74","reference_id":"Changes#L45-L74","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/"}],"url":"https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19020","reference_id":"RHSA-2025:19020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19403","reference_id":"RHSA-2025:19403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21030","reference_id":"RHSA-2025:21030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21773","reference_id":"RHSA-2025:21773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21776","reference_id":"RHSA-2025:21776","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21776"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21974","reference_id":"RHSA-2025:21974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22033","reference_id":"RHSA-2025:22033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22034","reference_id":"RHSA-2025:22034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22035","reference_id":"RHSA-2025:22035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22175","reference_id":"RHSA-2025:22175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22607","reference_id":"RHSA-2025:22607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22618","reference_id":"RHSA-2025:22618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22785","reference_id":"RHSA-2025:22785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22842","reference_id":"RHSA-2025:22842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22871","reference_id":"RHSA-2025:22871","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22935","reference_id":"RHSA-2025:22935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23202","reference_id":"RHSA-2025:23202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23204","reference_id":"RHSA-2025:23204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23205","reference_id":"RHSA-2025:23205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23209","reference_id":"RHSA-2025:23209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23227","reference_id":"RHSA-2025:23227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23248","reference_id":"RHSA-2025:23248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23449","reference_id":"RHSA-2025:23449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23550","reference_id":"RHSA-2025:23550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0001","reference_id":"RHSA-2026:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0076","reference_id":"RHSA-2026:0076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0077","reference_id":"RHSA-2026:0077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0078","reference_id":"RHSA-2026:0078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0316","reference_id":"RHSA-2026:0316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0326","reference_id":"RHSA-2026:0326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0332","reference_id":"RHSA-2026:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0414","reference_id":"RHSA-2026:0414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0420","reference_id":"RHSA-2026:0420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0518","reference_id":"RHSA-2026:0518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0674","reference_id":"RHSA-2026:0674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0677","reference_id":"RHSA-2026:0677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0702","reference_id":"RHSA-2026:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0996","reference_id":"RHSA-2026:0996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10950","reference_id":"RHSA-2026:10950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1541","reference_id":"RHSA-2026:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1652","reference_id":"RHSA-2026:1652","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19064","reference_id":"RHSA-2026:19064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19177","reference_id":"RHSA-2026:19177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21275","reference_id":"RHSA-2026:21275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3407","reference_id":"RHSA-2026:3407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3407"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5396","reference_id":"RHSA-2026:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5396"},{"reference_url":"https://usn.ubuntu.com/8022-1/","reference_id":"USN-8022-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8022-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-59375"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyba-j6k8-z3hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/727?format=json","vulnerability_id":"VCID-tzbs-yt2e-77eg","summary":"An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4919.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4919","reference_id":"","reference_type":"","scores":[{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51349","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51328","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00277","scoring_system":"epss","scoring_elements":"0.51344","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4919"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367018","reference_id":"2367018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367018"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-36","reference_id":"mfsa2025-36","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-36/","reference_id":"mfsa2025-36","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-37","reference_id":"mfsa2025-37","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-37/","reference_id":"mfsa2025-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-38","reference_id":"mfsa2025-38","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-38/","reference_id":"mfsa2025-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-38/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-40","reference_id":"mfsa2025-40","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-40/","reference_id":"mfsa2025-40","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-41","reference_id":"mfsa2025-41","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-41/","reference_id":"mfsa2025-41","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-41/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8049","reference_id":"RHSA-2025:8049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8060","reference_id":"RHSA-2025:8060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8125","reference_id":"RHSA-2025:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8369","reference_id":"RHSA-2025:8369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8370","reference_id":"RHSA-2025:8370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8371","reference_id":"RHSA-2025:8371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8465","reference_id":"RHSA-2025:8465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8639","reference_id":"RHSA-2025:8639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8640","reference_id":"RHSA-2025:8640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8645","reference_id":"RHSA-2025:8645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8807","reference_id":"RHSA-2025:8807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8807"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1966614","reference_id":"show_bug.cgi?id=1966614","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1966614"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-4919"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzbs-yt2e-77eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/691?format=json","vulnerability_id":"VCID-u18d-7p21-jqg8","summary":"A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3029.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3029","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33024","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33062","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33048","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356556","reference_id":"2356556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356556"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-22/","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-24/","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3556","reference_id":"RHSA-2025:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3581","reference_id":"RHSA-2025:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3582","reference_id":"RHSA-2025:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3587","reference_id":"RHSA-2025:3587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3589","reference_id":"RHSA-2025:3589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3590","reference_id":"RHSA-2025:3590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3620","reference_id":"RHSA-2025:3620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3621","reference_id":"RHSA-2025:3621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3623","reference_id":"RHSA-2025:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3628","reference_id":"RHSA-2025:3628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4026","reference_id":"RHSA-2025:4026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4027","reference_id":"RHSA-2025:4027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4028","reference_id":"RHSA-2025:4028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4029","reference_id":"RHSA-2025:4029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4030","reference_id":"RHSA-2025:4030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4031","reference_id":"RHSA-2025:4031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4032","reference_id":"RHSA-2025:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4169","reference_id":"RHSA-2025:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4170","reference_id":"RHSA-2025:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7491","reference_id":"RHSA-2025:7491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7493","reference_id":"RHSA-2025:7493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7493"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952213","reference_id":"show_bug.cgi?id=1952213","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952213"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-3029"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u18d-7p21-jqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/756?format=json","vulnerability_id":"VCID-u1nw-8562-pfb2","summary":"It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1934","reference_id":"","reference_type":"","scores":[{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.5702","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.57032","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.57025","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349790","reference_id":"2349790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349790"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1942881","reference_id":"show_bug.cgi?id=1942881","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1942881"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1934"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1nw-8562-pfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/405?format=json","vulnerability_id":"VCID-u2hq-ttdt-xye7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14327","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04376","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04389","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04401","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420507","reference_id":"2420507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420507"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970743","reference_id":"show_bug.cgi?id=1970743","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970743"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14327"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2hq-ttdt-xye7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/434?format=json","vulnerability_id":"VCID-u7qf-8ncj-5uae","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6747.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6747","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20952","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20998","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21011","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460095","reference_id":"2460095","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460095"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021769","reference_id":"show_bug.cgi?id=2021769","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2021769"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6747"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7qf-8ncj-5uae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/742?format=json","vulnerability_id":"VCID-u7zd-r5jx-23ca","summary":"Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5263","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39832","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39859","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39855","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5263"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368756","reference_id":"2368756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368756"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-42/","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-43/","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-44/","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-44/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-45/","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-46/","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-46/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1960745","reference_id":"show_bug.cgi?id=1960745","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1960745"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-5263"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7zd-r5jx-23ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/847?format=json","vulnerability_id":"VCID-u926-beug-xydv","summary":"A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11710.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11710","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2827","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2832","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403768","reference_id":"2403768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403768"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-82/","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-82/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18154","reference_id":"RHSA-2025:18154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18155","reference_id":"RHSA-2025:18155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18285","reference_id":"RHSA-2025:18285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18320","reference_id":"RHSA-2025:18320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18321","reference_id":"RHSA-2025:18321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18983","reference_id":"RHSA-2025:18983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19278","reference_id":"RHSA-2025:19278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19938","reference_id":"RHSA-2025:19938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19939","reference_id":"RHSA-2025:19939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19941","reference_id":"RHSA-2025:19941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19942","reference_id":"RHSA-2025:19942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19943","reference_id":"RHSA-2025:19943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19944","reference_id":"RHSA-2025:19944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19945","reference_id":"RHSA-2025:19945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21054","reference_id":"RHSA-2025:21054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21055","reference_id":"RHSA-2025:21055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21056","reference_id":"RHSA-2025:21056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21057","reference_id":"RHSA-2025:21057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21058","reference_id":"RHSA-2025:21058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21059","reference_id":"RHSA-2025:21059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21064","reference_id":"RHSA-2025:21064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21064"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989899","reference_id":"show_bug.cgi?id=1989899","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989899"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-11710"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u926-beug-xydv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/717?format=json","vulnerability_id":"VCID-u9tm-qdjs-abeb","summary":"A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1011.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1011","reference_id":"","reference_type":"","scores":[{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52829","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52841","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52847","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343756","reference_id":"2343756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343756"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-07/","reference_id":"mfsa2025-07","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-07/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-11/","reference_id":"mfsa2025-11","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1066","reference_id":"RHSA-2025:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1132","reference_id":"RHSA-2025:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1133","reference_id":"RHSA-2025:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1135","reference_id":"RHSA-2025:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1136","reference_id":"RHSA-2025:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1137","reference_id":"RHSA-2025:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1138","reference_id":"RHSA-2025:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1139","reference_id":"RHSA-2025:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1140","reference_id":"RHSA-2025:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1184","reference_id":"RHSA-2025:1184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1283","reference_id":"RHSA-2025:1283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1292","reference_id":"RHSA-2025:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1317","reference_id":"RHSA-2025:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1318","reference_id":"RHSA-2025:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1319","reference_id":"RHSA-2025:1319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1339","reference_id":"RHSA-2025:1339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1340","reference_id":"RHSA-2025:1340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1341","reference_id":"RHSA-2025:1341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1348","reference_id":"RHSA-2025:1348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1348"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936454","reference_id":"show_bug.cgi?id=1936454","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1936454"},{"reference_url":"https://usn.ubuntu.com/7263-1/","reference_id":"USN-7263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7263-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1011"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9tm-qdjs-abeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/745?format=json","vulnerability_id":"VCID-ubk2-785h-5kct","summary":"Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5266","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63226","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63236","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63228","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368755","reference_id":"2368755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368755"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-42/","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-44/","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-44/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-45/","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-46/","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-46/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1965628","reference_id":"show_bug.cgi?id=1965628","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1965628"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-5266"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubk2-785h-5kct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331?format=json","vulnerability_id":"VCID-uf15-ve5u-p3b7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2761","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34602","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34638","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34622","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442309","reference_id":"2442309","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442309"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011063","reference_id":"show_bug.cgi?id=2011063","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2011063"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2761"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uf15-ve5u-p3b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/707?format=json","vulnerability_id":"VCID-ufgu-u7ss-pfd5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10528.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10528","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31994","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32031","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32063","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395755","reference_id":"2395755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395755"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-73/","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-73/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-75/","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-75/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-77/","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-77/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-78/","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-78/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16108","reference_id":"RHSA-2025:16108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16109","reference_id":"RHSA-2025:16109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16156","reference_id":"RHSA-2025:16156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16157","reference_id":"RHSA-2025:16157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16260","reference_id":"RHSA-2025:16260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16589","reference_id":"RHSA-2025:16589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17340","reference_id":"RHSA-2025:17340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17341","reference_id":"RHSA-2025:17341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17342","reference_id":"RHSA-2025:17342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17343","reference_id":"RHSA-2025:17343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17344","reference_id":"RHSA-2025:17344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17345","reference_id":"RHSA-2025:17345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17346","reference_id":"RHSA-2025:17346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17367","reference_id":"RHSA-2025:17367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17368","reference_id":"RHSA-2025:17368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17371","reference_id":"RHSA-2025:17371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17372","reference_id":"RHSA-2025:17372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17373","reference_id":"RHSA-2025:17373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17374","reference_id":"RHSA-2025:17374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17378","reference_id":"RHSA-2025:17378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17453","reference_id":"RHSA-2025:17453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17453"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1986185","reference_id":"show_bug.cgi?id=1986185","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1986185"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-10528"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ufgu-u7ss-pfd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/295?format=json","vulnerability_id":"VCID-uhv8-3f5a-1bfw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4698","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1244","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12477","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12476","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450719","reference_id":"2450719","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450719"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-21/","reference_id":"mfsa2026-21","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020906","reference_id":"show_bug.cgi?id=2020906","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2020906"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4698"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhv8-3f5a-1bfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82?format=json","vulnerability_id":"VCID-un91-2e6u-nkdy","summary":"A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11704","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50802","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50823","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50818","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328942","reference_id":"2328942","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328942"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899402","reference_id":"show_bug.cgi?id=1899402","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899402"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-11704"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-un91-2e6u-nkdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/336?format=json","vulnerability_id":"VCID-unwj-4n5m-w7d4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2766","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07078","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07093","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07088","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442294","reference_id":"2442294","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442294"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013583","reference_id":"show_bug.cgi?id=2013583","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2766"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-unwj-4n5m-w7d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/339?format=json","vulnerability_id":"VCID-uw3f-xkcu-bqak","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2769","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06267","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06273","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442295","reference_id":"2442295","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442295"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014550","reference_id":"show_bug.cgi?id=2014550","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014550"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2769"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uw3f-xkcu-bqak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/364?format=json","vulnerability_id":"VCID-v3pa-2j5z-dfeu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8090.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8090.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8090","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05993","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05978","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0598","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8090"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467709","reference_id":"2467709","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467709"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-40","reference_id":"mfsa2026-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-40/","reference_id":"mfsa2026-40","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-41","reference_id":"mfsa2026-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-41/","reference_id":"mfsa2026-41","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-42","reference_id":"mfsa2026-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-42/","reference_id":"mfsa2026-42","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-43","reference_id":"mfsa2026-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-43/","reference_id":"mfsa2026-43","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-44","reference_id":"mfsa2026-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-44/","reference_id":"mfsa2026-44","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19160","reference_id":"RHSA-2026:19160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20566","reference_id":"RHSA-2026:20566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20574","reference_id":"RHSA-2026:20574","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20574"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034352","reference_id":"show_bug.cgi?id=2034352","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034352"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-8090"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3pa-2j5z-dfeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/438?format=json","vulnerability_id":"VCID-v6jv-zedv-u7fy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6751.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6751","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19867","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19909","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19915","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460109","reference_id":"2460109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460109"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2025883","reference_id":"show_bug.cgi?id=2025883","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2025883"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6751"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6jv-zedv-u7fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/400?format=json","vulnerability_id":"VCID-vdhr-htd7-4ub1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0877","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08596","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08601","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08617","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428969","reference_id":"2428969","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428969"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-02/","reference_id":"mfsa2026-02","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1999257","reference_id":"show_bug.cgi?id=1999257","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1999257"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0877"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdhr-htd7-4ub1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/765?format=json","vulnerability_id":"VCID-vgb8-wp23-3qaj","summary":"On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8027.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8027.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8027","reference_id":"","reference_type":"","scores":[{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65895","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65893","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00489","scoring_system":"epss","scoring_elements":"0.65907","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8027"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8027","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8027"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382707","reference_id":"2382707","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382707"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-57/","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1968423","reference_id":"show_bug.cgi?id=1968423","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1968423"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8027"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgb8-wp23-3qaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/834?format=json","vulnerability_id":"VCID-vgp1-72ck-gqb3","summary":"Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4091.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4091.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4091","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46949","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55587","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55581","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4091"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362912","reference_id":"2362912","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362912"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105","reference_id":"buglist.cgi?bug_id=1951161%2C1952105","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-28/","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-29/","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-31/","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-32/","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4443","reference_id":"RHSA-2025:4443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4458","reference_id":"RHSA-2025:4458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4460","reference_id":"RHSA-2025:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4751","reference_id":"RHSA-2025:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4752","reference_id":"RHSA-2025:4752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4753","reference_id":"RHSA-2025:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4756","reference_id":"RHSA-2025:4756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4797","reference_id":"RHSA-2025:4797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7428","reference_id":"RHSA-2025:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7506","reference_id":"RHSA-2025:7506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7507","reference_id":"RHSA-2025:7507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7543","reference_id":"RHSA-2025:7543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7544","reference_id":"RHSA-2025:7544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7545","reference_id":"RHSA-2025:7545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7547","reference_id":"RHSA-2025:7547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7689","reference_id":"RHSA-2025:7689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7690","reference_id":"RHSA-2025:7690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7691","reference_id":"RHSA-2025:7691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7692","reference_id":"RHSA-2025:7692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7693","reference_id":"RHSA-2025:7693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7694","reference_id":"RHSA-2025:7694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7695","reference_id":"RHSA-2025:7695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7695"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-4091"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgp1-72ck-gqb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113?format=json","vulnerability_id":"VCID-vrkn-6p96-ykft","summary":"By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466","reference_id":"","reference_type":"","scores":[{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71754","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71778","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71772","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438","reference_id":"2322438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154","reference_id":"show_bug.cgi?id=1924154","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10466"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrkn-6p96-ykft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/708?format=json","vulnerability_id":"VCID-vwkh-sy41-67e5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10529.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10529","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25143","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25193","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25206","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395756","reference_id":"2395756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395756"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-73"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-73/","reference_id":"mfsa2025-73","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-73/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-75"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-75/","reference_id":"mfsa2025-75","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-75/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-77"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-77/","reference_id":"mfsa2025-77","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-77/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-78"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-78/","reference_id":"mfsa2025-78","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-78/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16108","reference_id":"RHSA-2025:16108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16109","reference_id":"RHSA-2025:16109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16156","reference_id":"RHSA-2025:16156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16157","reference_id":"RHSA-2025:16157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16260","reference_id":"RHSA-2025:16260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16589","reference_id":"RHSA-2025:16589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17340","reference_id":"RHSA-2025:17340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17341","reference_id":"RHSA-2025:17341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17342","reference_id":"RHSA-2025:17342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17343","reference_id":"RHSA-2025:17343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17344","reference_id":"RHSA-2025:17344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17345","reference_id":"RHSA-2025:17345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17346","reference_id":"RHSA-2025:17346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17367","reference_id":"RHSA-2025:17367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17368","reference_id":"RHSA-2025:17368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17371","reference_id":"RHSA-2025:17371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17372","reference_id":"RHSA-2025:17372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17373","reference_id":"RHSA-2025:17373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17374","reference_id":"RHSA-2025:17374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17378","reference_id":"RHSA-2025:17378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17453","reference_id":"RHSA-2025:17453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17453"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970490","reference_id":"show_bug.cgi?id=1970490","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970490"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-10529"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vwkh-sy41-67e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/399?format=json","vulnerability_id":"VCID-vzpq-6jd2-duhf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2447","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05385","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05361","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05366","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283","reference_id":"1128283","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440219","reference_id":"2440219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440219"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-10","reference_id":"mfsa2026-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-10/","reference_id":"mfsa2026-10","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-11","reference_id":"mfsa2026-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-11/","reference_id":"mfsa2026-11","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16174","reference_id":"RHSA-2026:16174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3967","reference_id":"RHSA-2026:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4447","reference_id":"RHSA-2026:4447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4629","reference_id":"RHSA-2026:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5227","reference_id":"RHSA-2026:5227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5228","reference_id":"RHSA-2026:5228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5229","reference_id":"RHSA-2026:5229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5230","reference_id":"RHSA-2026:5230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5231","reference_id":"RHSA-2026:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5319","reference_id":"RHSA-2026:5319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5320","reference_id":"RHSA-2026:5320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5323","reference_id":"RHSA-2026:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5324","reference_id":"RHSA-2026:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5326","reference_id":"RHSA-2026:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8746","reference_id":"RHSA-2026:8746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8747","reference_id":"RHSA-2026:8747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8748","reference_id":"RHSA-2026:8748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8748"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014390","reference_id":"show_bug.cgi?id=2014390","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014390"},{"reference_url":"https://usn.ubuntu.com/8053-1/","reference_id":"USN-8053-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8053-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2447"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vzpq-6jd2-duhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106?format=json","vulnerability_id":"VCID-w1uv-az6r-qqcu","summary":"The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62251","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62262","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62255","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444","reference_id":"2322444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537","reference_id":"show_bug.cgi?id=1912537","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10460"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1uv-az6r-qqcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/392?format=json","vulnerability_id":"VCID-waeb-qs91-4kbt","summary":"Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5731","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21811","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21857","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21869","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455901","reference_id":"2455901","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455901"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-25","reference_id":"mfsa2026-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-25/","reference_id":"mfsa2026-25","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-26","reference_id":"mfsa2026-26","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-26"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-26/","reference_id":"mfsa2026-26","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-26/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-27","reference_id":"mfsa2026-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-27"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-27/","reference_id":"mfsa2026-27","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-27/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-28","reference_id":"mfsa2026-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-28/","reference_id":"mfsa2026-28","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-29","reference_id":"mfsa2026-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-29/","reference_id":"mfsa2026-29","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-29/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11805","reference_id":"RHSA-2026:11805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11813","reference_id":"RHSA-2026:11813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12264","reference_id":"RHSA-2026:12264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13342","reference_id":"RHSA-2026:13342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13412","reference_id":"RHSA-2026:13412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13533","reference_id":"RHSA-2026:13533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13582","reference_id":"RHSA-2026:13582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13583","reference_id":"RHSA-2026:13583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13596","reference_id":"RHSA-2026:13596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13600","reference_id":"RHSA-2026:13600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13665","reference_id":"RHSA-2026:13665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13682","reference_id":"RHSA-2026:13682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13683","reference_id":"RHSA-2026:13683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13922","reference_id":"RHSA-2026:13922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13977","reference_id":"RHSA-2026:13977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14223","reference_id":"RHSA-2026:14223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14303","reference_id":"RHSA-2026:14303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15889","reference_id":"RHSA-2026:15889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7671","reference_id":"RHSA-2026:7671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7672","reference_id":"RHSA-2026:7672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8052","reference_id":"RHSA-2026:8052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8459","reference_id":"RHSA-2026:8459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9345","reference_id":"RHSA-2026:9345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9638","reference_id":"RHSA-2026:9638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9638"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-5731"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-waeb-qs91-4kbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/857?format=json","vulnerability_id":"VCID-wf48-836h-53h5","summary":"Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11715.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11715.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11715","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.2003","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20068","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20073","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403774","reference_id":"2403774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403774"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899","reference_id":"buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18154","reference_id":"RHSA-2025:18154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18155","reference_id":"RHSA-2025:18155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18285","reference_id":"RHSA-2025:18285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18320","reference_id":"RHSA-2025:18320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18321","reference_id":"RHSA-2025:18321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18983","reference_id":"RHSA-2025:18983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19278","reference_id":"RHSA-2025:19278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19938","reference_id":"RHSA-2025:19938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19939","reference_id":"RHSA-2025:19939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19941","reference_id":"RHSA-2025:19941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19942","reference_id":"RHSA-2025:19942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19943","reference_id":"RHSA-2025:19943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19944","reference_id":"RHSA-2025:19944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19945","reference_id":"RHSA-2025:19945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21054","reference_id":"RHSA-2025:21054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21055","reference_id":"RHSA-2025:21055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21056","reference_id":"RHSA-2025:21056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21057","reference_id":"RHSA-2025:21057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21058","reference_id":"RHSA-2025:21058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21059","reference_id":"RHSA-2025:21059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21064","reference_id":"RHSA-2025:21064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21064"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-11715"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wf48-836h-53h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/799?format=json","vulnerability_id":"VCID-wpsg-9gf7-13dr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14330.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14330","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24301","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24375","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24357","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420516","reference_id":"2420516","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420516"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-92"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-92/","reference_id":"mfsa2025-92","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-92/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-94"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-94/","reference_id":"mfsa2025-94","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-94/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-95"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-95/","reference_id":"mfsa2025-95","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-95/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-96"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-96/","reference_id":"mfsa2025-96","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-96/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23034","reference_id":"RHSA-2025:23034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23035","reference_id":"RHSA-2025:23035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23128","reference_id":"RHSA-2025:23128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23856","reference_id":"RHSA-2025:23856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0003","reference_id":"RHSA-2026:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0004","reference_id":"RHSA-2026:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0005","reference_id":"RHSA-2026:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0006","reference_id":"RHSA-2026:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0007","reference_id":"RHSA-2026:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0013","reference_id":"RHSA-2026:0013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0014","reference_id":"RHSA-2026:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0015","reference_id":"RHSA-2026:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0016","reference_id":"RHSA-2026:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0017","reference_id":"RHSA-2026:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0018","reference_id":"RHSA-2026:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0019","reference_id":"RHSA-2026:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0020","reference_id":"RHSA-2026:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0021","reference_id":"RHSA-2026:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0022","reference_id":"RHSA-2026:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0023","reference_id":"RHSA-2026:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0024","reference_id":"RHSA-2026:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0025","reference_id":"RHSA-2026:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0026","reference_id":"RHSA-2026:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0124","reference_id":"RHSA-2026:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0127","reference_id":"RHSA-2026:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0127"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1997503","reference_id":"show_bug.cgi?id=1997503","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1997503"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-14330"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpsg-9gf7-13dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/348?format=json","vulnerability_id":"VCID-wr79-ta1b-hyer","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2778","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0865","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08669","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08653","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442335","reference_id":"2442335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442335"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016358","reference_id":"show_bug.cgi?id=2016358","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016358"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2778"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wr79-ta1b-hyer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80?format=json","vulnerability_id":"VCID-wzux-r3fv-fyg9","summary":"The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed.  Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11696","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17811","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1785","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17846","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328943","reference_id":"2328943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328943"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929600","reference_id":"show_bug.cgi?id=1929600","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929600"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-11696"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzux-r3fv-fyg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/343?format=json","vulnerability_id":"VCID-x7kn-h4ce-vqaj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2773","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08837","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08857","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0884","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442319","reference_id":"2442319","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442319"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014832","reference_id":"show_bug.cgi?id=2014832","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014832"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2773"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x7kn-h4ce-vqaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/361?format=json","vulnerability_id":"VCID-xf1n-uj49-p3fx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2791","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08402","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08421","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08409","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442342","reference_id":"2442342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442342"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015220","reference_id":"show_bug.cgi?id=2015220","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015220"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2791"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xf1n-uj49-p3fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/337?format=json","vulnerability_id":"VCID-xhh4-thp4-fyff","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2767","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17899","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17936","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17939","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442328","reference_id":"2442328","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442328"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013741","reference_id":"show_bug.cgi?id=2013741","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2013741"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2767"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhh4-thp4-fyff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/777?format=json","vulnerability_id":"VCID-xney-87gm-53g3","summary":"Parsing a JavaScript module as JSON could under some circumstances cause cross-compartment access, which may result in a use-after-free.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0240","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15307","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15359","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15349","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0240"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336188","reference_id":"2336188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336188"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929623","reference_id":"show_bug.cgi?id=1929623","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929623"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-0240"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xney-87gm-53g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/692?format=json","vulnerability_id":"VCID-xns8-z4be-r3bs","summary":"Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3030.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3030.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3030","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46949","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46967","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46964","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3030"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356563","reference_id":"2356563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356563"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494","reference_id":"buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-22/","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-24/","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3556","reference_id":"RHSA-2025:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3581","reference_id":"RHSA-2025:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3582","reference_id":"RHSA-2025:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3587","reference_id":"RHSA-2025:3587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3589","reference_id":"RHSA-2025:3589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3590","reference_id":"RHSA-2025:3590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3620","reference_id":"RHSA-2025:3620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3621","reference_id":"RHSA-2025:3621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3623","reference_id":"RHSA-2025:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3628","reference_id":"RHSA-2025:3628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4026","reference_id":"RHSA-2025:4026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4027","reference_id":"RHSA-2025:4027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4028","reference_id":"RHSA-2025:4028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4029","reference_id":"RHSA-2025:4029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4030","reference_id":"RHSA-2025:4030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4031","reference_id":"RHSA-2025:4031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4032","reference_id":"RHSA-2025:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4169","reference_id":"RHSA-2025:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4170","reference_id":"RHSA-2025:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7491","reference_id":"RHSA-2025:7491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7493","reference_id":"RHSA-2025:7493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7493"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-3030"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xns8-z4be-r3bs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/760?format=json","vulnerability_id":"VCID-xp44-3pt4-2ue1","summary":"Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1938","reference_id":"","reference_type":"","scores":[{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54588","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54596","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54587","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349793","reference_id":"2349793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349793"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111","reference_id":"buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2899","reference_id":"RHSA-2025:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2900","reference_id":"RHSA-2025:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2957","reference_id":"RHSA-2025:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2958","reference_id":"RHSA-2025:2958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2959","reference_id":"RHSA-2025:2959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2960","reference_id":"RHSA-2025:2960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3009","reference_id":"RHSA-2025:3009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3013","reference_id":"RHSA-2025:3013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3036","reference_id":"RHSA-2025:3036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3036"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1938"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xp44-3pt4-2ue1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/770?format=json","vulnerability_id":"VCID-y3je-ddex-xyh3","summary":"XSLT document loading did not correctly propagate the source document which bypassed its CSP.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8032.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8032","reference_id":"","reference_type":"","scores":[{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55659","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55652","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55664","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8032"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382718","reference_id":"2382718","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382718"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1974407","reference_id":"show_bug.cgi?id=1974407","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1974407"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8032"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3je-ddex-xyh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112?format=json","vulnerability_id":"VCID-y4xw-cu5j-nbfc","summary":"A clipboard \"paste\" button could persist across tabs which allowed a spoofing attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66423","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66439","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66431","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434","reference_id":"2322434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853","reference_id":"show_bug.cgi?id=1918853","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-10465"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4xw-cu5j-nbfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/342?format=json","vulnerability_id":"VCID-y5qy-jwyp-bban","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2772","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06068","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06071","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06083","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442326","reference_id":"2442326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442326"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014827","reference_id":"show_bug.cgi?id=2014827","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2772"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5qy-jwyp-bban"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/754?format=json","vulnerability_id":"VCID-y6zq-n9uh-8kd2","summary":"An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1932","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44601","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44623","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44615","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349796","reference_id":"2349796","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349796"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944313","reference_id":"show_bug.cgi?id=1944313","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944313"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1932"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6zq-n9uh-8kd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/317?format=json","vulnerability_id":"VCID-y8w8-tc81-ryhr","summary":"Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4720","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07715","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4720"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450751","reference_id":"2450751","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450751"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733","reference_id":"buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4720"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8w8-tc81-ryhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/344?format=json","vulnerability_id":"VCID-yar2-m8ch-8fcd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2774","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07266","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07279","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07274","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442290","reference_id":"2442290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442290"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014883","reference_id":"show_bug.cgi?id=2014883","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014883"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2774"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yar2-m8ch-8fcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/454?format=json","vulnerability_id":"VCID-ybek-h33z-v7dr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6772","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17119","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17154","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17158","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460074","reference_id":"2460074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460074"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-31/","reference_id":"mfsa2026-31","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2026089","reference_id":"show_bug.cgi?id=2026089","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2026089"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6772"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ybek-h33z-v7dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/764?format=json","vulnerability_id":"VCID-yfq7-nc7g-v7gx","summary":"Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5269.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5269.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5269","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62811","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.6281","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.6282","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368757","reference_id":"2368757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368757"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-44/","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-44/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-46/","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-46/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924108","reference_id":"show_bug.cgi?id=1924108","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924108"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-5269"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfq7-nc7g-v7gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/316?format=json","vulnerability_id":"VCID-ygp6-et8g-5khe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4719","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0661","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06621","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06622","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450746","reference_id":"2450746","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450746"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016367","reference_id":"show_bug.cgi?id=2016367","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016367"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4719"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ygp6-et8g-5khe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/848?format=json","vulnerability_id":"VCID-yn6r-ptdw-aket","summary":"There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11711.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11711.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11711","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09474","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09488","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09468","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403776","reference_id":"2403776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403776"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-82/","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-82/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18154","reference_id":"RHSA-2025:18154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18155","reference_id":"RHSA-2025:18155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18285","reference_id":"RHSA-2025:18285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18320","reference_id":"RHSA-2025:18320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18321","reference_id":"RHSA-2025:18321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18983","reference_id":"RHSA-2025:18983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19278","reference_id":"RHSA-2025:19278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19938","reference_id":"RHSA-2025:19938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19939","reference_id":"RHSA-2025:19939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19941","reference_id":"RHSA-2025:19941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19942","reference_id":"RHSA-2025:19942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19943","reference_id":"RHSA-2025:19943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19944","reference_id":"RHSA-2025:19944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19945","reference_id":"RHSA-2025:19945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21054","reference_id":"RHSA-2025:21054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21055","reference_id":"RHSA-2025:21055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21056","reference_id":"RHSA-2025:21056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21057","reference_id":"RHSA-2025:21057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21058","reference_id":"RHSA-2025:21058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21059","reference_id":"RHSA-2025:21059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21064","reference_id":"RHSA-2025:21064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21064"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989978","reference_id":"show_bug.cgi?id=1989978","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1989978"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-11711"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yn6r-ptdw-aket"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/411?format=json","vulnerability_id":"VCID-yucu-c6vn-sfdy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0890","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06309","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06316","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06326","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428971","reference_id":"2428971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2428971"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-01/","reference_id":"mfsa2026-01","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-03/","reference_id":"mfsa2026-03","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-04/","reference_id":"mfsa2026-04","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-05/","reference_id":"mfsa2026-05","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0667","reference_id":"RHSA-2026:0667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0694","reference_id":"RHSA-2026:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0924","reference_id":"RHSA-2026:0924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1320","reference_id":"RHSA-2026:1320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1413","reference_id":"RHSA-2026:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1414","reference_id":"RHSA-2026:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1415","reference_id":"RHSA-2026:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1461","reference_id":"RHSA-2026:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1462","reference_id":"RHSA-2026:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1471","reference_id":"RHSA-2026:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1487","reference_id":"RHSA-2026:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2041","reference_id":"RHSA-2026:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2043","reference_id":"RHSA-2026:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2044","reference_id":"RHSA-2026:2044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2047","reference_id":"RHSA-2026:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2069","reference_id":"RHSA-2026:2069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2070","reference_id":"RHSA-2026:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2073","reference_id":"RHSA-2026:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2074","reference_id":"RHSA-2026:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2220","reference_id":"RHSA-2026:2220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2231","reference_id":"RHSA-2026:2231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2271","reference_id":"RHSA-2026:2271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2286","reference_id":"RHSA-2026:2286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2286"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005081","reference_id":"show_bug.cgi?id=2005081","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2005081"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-0890"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yucu-c6vn-sfdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/817?format=json","vulnerability_id":"VCID-yx9k-e2yd-xyb6","summary":"A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4083.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4083.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4083","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44887","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56804","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56811","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4083"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362907","reference_id":"2362907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362907"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-28/","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-29/","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-30/","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-31/","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-32/","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4443","reference_id":"RHSA-2025:4443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4458","reference_id":"RHSA-2025:4458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4460","reference_id":"RHSA-2025:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4751","reference_id":"RHSA-2025:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4752","reference_id":"RHSA-2025:4752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4753","reference_id":"RHSA-2025:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4756","reference_id":"RHSA-2025:4756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4797","reference_id":"RHSA-2025:4797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7428","reference_id":"RHSA-2025:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7506","reference_id":"RHSA-2025:7506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7507","reference_id":"RHSA-2025:7507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7543","reference_id":"RHSA-2025:7543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7544","reference_id":"RHSA-2025:7544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7545","reference_id":"RHSA-2025:7545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7547","reference_id":"RHSA-2025:7547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7689","reference_id":"RHSA-2025:7689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7690","reference_id":"RHSA-2025:7690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7691","reference_id":"RHSA-2025:7691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7692","reference_id":"RHSA-2025:7692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7693","reference_id":"RHSA-2025:7693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7694","reference_id":"RHSA-2025:7694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7695","reference_id":"RHSA-2025:7695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7695"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1958350","reference_id":"show_bug.cgi?id=1958350","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1958350"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-4083"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yx9k-e2yd-xyb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/772?format=json","vulnerability_id":"VCID-z2m8-1qr8-53dp","summary":"Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8034.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8034","reference_id":"","reference_type":"","scores":[{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.68002","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.68013","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.68005","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8034"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382711","reference_id":"2382711","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2382711"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-56/","reference_id":"mfsa2025-56","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-57/","reference_id":"mfsa2025-57","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-58/","reference_id":"mfsa2025-58","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-59/","reference_id":"mfsa2025-59","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-61"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-61/","reference_id":"mfsa2025-61","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-62"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-62/","reference_id":"mfsa2025-62","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-63/","reference_id":"mfsa2025-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11747","reference_id":"RHSA-2025:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11748","reference_id":"RHSA-2025:11748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11797","reference_id":"RHSA-2025:11797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12044","reference_id":"RHSA-2025:12044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12045","reference_id":"RHSA-2025:12045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12046","reference_id":"RHSA-2025:12046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12187","reference_id":"RHSA-2025:12187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12188","reference_id":"RHSA-2025:12188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12278","reference_id":"RHSA-2025:12278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12302","reference_id":"RHSA-2025:12302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12353","reference_id":"RHSA-2025:12353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12360","reference_id":"RHSA-2025:12360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12361","reference_id":"RHSA-2025:12361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13645","reference_id":"RHSA-2025:13645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13646","reference_id":"RHSA-2025:13646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13647","reference_id":"RHSA-2025:13647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13648","reference_id":"RHSA-2025:13648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13649","reference_id":"RHSA-2025:13649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13650","reference_id":"RHSA-2025:13650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13651","reference_id":"RHSA-2025:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13676","reference_id":"RHSA-2025:13676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13676"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970422","reference_id":"show_bug.cgi?id=1970422","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1970422"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-8034"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2m8-1qr8-53dp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/338?format=json","vulnerability_id":"VCID-z4d9-13dv-5yhw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2768","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27483","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27521","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27572","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2768"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442298","reference_id":"2442298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442298"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014101","reference_id":"show_bug.cgi?id=2014101","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014101"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2768"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z4d9-13dv-5yhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/753?format=json","vulnerability_id":"VCID-z4da-g7sq-9kbe","summary":"It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1931","reference_id":"","reference_type":"","scores":[{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.60162","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.60172","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.60175","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1931"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349786","reference_id":"2349786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349786"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944126","reference_id":"show_bug.cgi?id=1944126","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944126"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-1931"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z4da-g7sq-9kbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/856?format=json","vulnerability_id":"VCID-zb1n-26m8-w7g2","summary":"Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11714.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11714.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11714","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19212","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19256","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19259","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11714"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403763","reference_id":"2403763","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403763"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113","reference_id":"buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-82"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-82/","reference_id":"mfsa2025-82","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-82/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18154","reference_id":"RHSA-2025:18154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18155","reference_id":"RHSA-2025:18155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18285","reference_id":"RHSA-2025:18285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18320","reference_id":"RHSA-2025:18320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18321","reference_id":"RHSA-2025:18321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18983","reference_id":"RHSA-2025:18983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19278","reference_id":"RHSA-2025:19278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19938","reference_id":"RHSA-2025:19938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19939","reference_id":"RHSA-2025:19939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19941","reference_id":"RHSA-2025:19941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19942","reference_id":"RHSA-2025:19942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19943","reference_id":"RHSA-2025:19943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19944","reference_id":"RHSA-2025:19944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19945","reference_id":"RHSA-2025:19945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21054","reference_id":"RHSA-2025:21054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21055","reference_id":"RHSA-2025:21055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21056","reference_id":"RHSA-2025:21056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21057","reference_id":"RHSA-2025:21057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21058","reference_id":"RHSA-2025:21058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21059","reference_id":"RHSA-2025:21059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21064","reference_id":"RHSA-2025:21064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21064"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-11714"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zb1n-26m8-w7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/733?format=json","vulnerability_id":"VCID-zb4w-j9rx-x3fb","summary":"Uninitialized memory in the JavaScript Engine component.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9181.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9181","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31163","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31198","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31231","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9181"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389583","reference_id":"2389583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389583"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-64/","reference_id":"mfsa2025-64","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-66"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-66/","reference_id":"mfsa2025-66","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-66/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-67/","reference_id":"mfsa2025-67","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-70/","reference_id":"mfsa2025-70","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-70/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-71"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-71/","reference_id":"mfsa2025-71","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-71/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-72"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-72/","reference_id":"mfsa2025-72","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-72/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14416","reference_id":"RHSA-2025:14416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14417","reference_id":"RHSA-2025:14417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14442","reference_id":"RHSA-2025:14442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14640","reference_id":"RHSA-2025:14640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14743","reference_id":"RHSA-2025:14743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14844","reference_id":"RHSA-2025:14844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15418","reference_id":"RHSA-2025:15418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15419","reference_id":"RHSA-2025:15419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15420","reference_id":"RHSA-2025:15420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15421","reference_id":"RHSA-2025:15421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15422","reference_id":"RHSA-2025:15422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15423","reference_id":"RHSA-2025:15423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15424","reference_id":"RHSA-2025:15424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15430","reference_id":"RHSA-2025:15430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15434","reference_id":"RHSA-2025:15434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15435","reference_id":"RHSA-2025:15435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15436","reference_id":"RHSA-2025:15436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15437","reference_id":"RHSA-2025:15437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15438","reference_id":"RHSA-2025:15438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15496","reference_id":"RHSA-2025:15496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15535","reference_id":"RHSA-2025:15535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15535"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1977130","reference_id":"show_bug.cgi?id=1977130","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1977130"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-9181"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zb4w-j9rx-x3fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/345?format=json","vulnerability_id":"VCID-zcwh-hr22-qug2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2775","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08581","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08601","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08586","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442314","reference_id":"2442314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442314"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-13/","reference_id":"mfsa2026-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-14/","reference_id":"mfsa2026-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-15/","reference_id":"mfsa2026-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-16/","reference_id":"mfsa2026-16","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-17/","reference_id":"mfsa2026-17","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-17/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015199","reference_id":"show_bug.cgi?id=2015199","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2015199"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-2775"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zcwh-hr22-qug2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/315?format=json","vulnerability_id":"VCID-zefg-t9v4-zyem","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4718","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03304","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03338","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03328","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450742","reference_id":"2450742","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450742"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014864","reference_id":"show_bug.cgi?id=2014864","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014864"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-4718"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zefg-t9v4-zyem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19?format=json","vulnerability_id":"VCID-zg3a-65gb-5qbv","summary":"An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin.  This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9394.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9394","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36918","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36953","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36947","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9394"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315957","reference_id":"2315957","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315957"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918874","reference_id":"show_bug.cgi?id=1918874","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918874"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-9394"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zg3a-65gb-5qbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87?format=json","vulnerability_id":"VCID-zgwh-84ue-1kdw","summary":"Memory safety bugs present in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11699","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30549","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.3058","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328947","reference_id":"2328947","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328947"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911","reference_id":"buglist.cgi?bug_id=1880582%2C1929911","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2024-11699"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgwh-84ue-1kdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/440?format=json","vulnerability_id":"VCID-zty1-r5ye-xqe8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6753.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6753","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19867","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19909","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19915","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460092","reference_id":"2460092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460092"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027501","reference_id":"show_bug.cgi?id=2027501","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2027501"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2026-6753"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zty1-r5ye-xqe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/851?format=json","vulnerability_id":"VCID-zw1m-naqh-sqfd","summary":"A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11712.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11712.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11712","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13688","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13727","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13725","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403770","reference_id":"2403770","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403770"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18154","reference_id":"RHSA-2025:18154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18155","reference_id":"RHSA-2025:18155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18285","reference_id":"RHSA-2025:18285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18320","reference_id":"RHSA-2025:18320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18321","reference_id":"RHSA-2025:18321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18983","reference_id":"RHSA-2025:18983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19278","reference_id":"RHSA-2025:19278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19938","reference_id":"RHSA-2025:19938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19939","reference_id":"RHSA-2025:19939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19941","reference_id":"RHSA-2025:19941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19942","reference_id":"RHSA-2025:19942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19943","reference_id":"RHSA-2025:19943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19944","reference_id":"RHSA-2025:19944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19945","reference_id":"RHSA-2025:19945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21054","reference_id":"RHSA-2025:21054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21055","reference_id":"RHSA-2025:21055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21056","reference_id":"RHSA-2025:21056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21057","reference_id":"RHSA-2025:21057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21058","reference_id":"RHSA-2025:21058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21059","reference_id":"RHSA-2025:21059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21064","reference_id":"RHSA-2025:21064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21064"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979536","reference_id":"show_bug.cgi?id=1979536","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1979536"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511632?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11ng-ds1t-ybdy"},{"vulnerability":"VCID-1sgn-41vs-efcy"},{"vulnerability":"VCID-5fc5-xu9y-ekca"},{"vulnerability":"VCID-5h7s-sfrz-eye3"},{"vulnerability":"VCID-e6ek-fjxf-subv"},{"vulnerability":"VCID-fbuu-t3mf-cfeg"},{"vulnerability":"VCID-fhmv-bse8-abaw"},{"vulnerability":"VCID-g339-cuzq-ffh1"},{"vulnerability":"VCID-ghpk-c1e6-pkae"},{"vulnerability":"VCID-hjh5-utas-ekb9"},{"vulnerability":"VCID-rne7-tu7d-v7e9"},{"vulnerability":"VCID-tqws-w9ga-gqew"},{"vulnerability":"VCID-tuxm-fxt8-vbee"},{"vulnerability":"VCID-tzqv-xgdb-efa1"},{"vulnerability":"VCID-uncq-bg36-3yfe"},{"vulnerability":"VCID-vseb-hh7u-1fc5"},{"vulnerability":"VCID-w8ts-g59t-z3d7"},{"vulnerability":"VCID-z1zg-s87s-fkdu"},{"vulnerability":"VCID-z8mw-3stk-vbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}],"aliases":["CVE-2025-11712"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zw1m-naqh-sqfd"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1"}