{"url":"http://public2.vulnerablecode.io/api/packages/511633?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1","type":"deb","namespace":"debian","name":"firefox-esr","version":"140.10.2esr-1~deb13u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"140.11.0esr-1~deb12u1","latest_non_vulnerable_version":"140.11.0esr-1~deb12u1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/367?format=json","vulnerability_id":"VCID-11ng-ds1t-ybdy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8946.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8946.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8946","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15758","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15623","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15708","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15748","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8946"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479849","reference_id":"2479849","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479849"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029070","reference_id":"show_bug.cgi?id=2029070","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029070"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8946"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11ng-ds1t-ybdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/371?format=json","vulnerability_id":"VCID-1sgn-41vs-efcy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8401.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8401","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24553","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2443","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24488","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24543","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476492","reference_id":"2476492","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476492"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-45/","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038679","reference_id":"show_bug.cgi?id=2038679","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038679"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8401"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1sgn-41vs-efcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/385?format=json","vulnerability_id":"VCID-5fc5-xu9y-ekca","summary":"Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8974.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8974.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8974","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14366","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1425","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14331","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14368","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8974"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479855","reference_id":"2479855","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479855"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8974"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fc5-xu9y-ekca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/373?format=json","vulnerability_id":"VCID-5h7s-sfrz-eye3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8950.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8950","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05099","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05035","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05077","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05084","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8950"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479853","reference_id":"2479853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479853"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1965430","reference_id":"show_bug.cgi?id=1965430","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1965430"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8950"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5h7s-sfrz-eye3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/375?format=json","vulnerability_id":"VCID-e6ek-fjxf-subv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8954.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8954","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14079","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13959","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14044","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14081","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8954"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479847","reference_id":"2479847","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479847"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030747","reference_id":"show_bug.cgi?id=2030747","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030747"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8954"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6ek-fjxf-subv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/379?format=json","vulnerability_id":"VCID-fbuu-t3mf-cfeg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8958.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8958.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8958","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18363","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18254","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18329","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18366","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8958"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479848","reference_id":"2479848","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479848"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034713","reference_id":"show_bug.cgi?id=2034713","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034713"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8958"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fbuu-t3mf-cfeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/369?format=json","vulnerability_id":"VCID-fhmv-bse8-abaw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8947.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8947","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20308","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20193","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20259","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20297","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479873","reference_id":"2479873","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479873"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038439","reference_id":"show_bug.cgi?id=2038439","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038439"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8947"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhmv-bse8-abaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/376?format=json","vulnerability_id":"VCID-g339-cuzq-ffh1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8955.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8955.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8955","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13908","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13791","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13875","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13912","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8955"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479842","reference_id":"2479842","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479842"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2031064","reference_id":"show_bug.cgi?id=2031064","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2031064"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8955"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g339-cuzq-ffh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1090?format=json","vulnerability_id":"VCID-ghpk-c1e6-pkae","summary":"Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"0.04976","scoring_system":"epss","scoring_elements":"0.89879","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04976","scoring_system":"epss","scoring_elements":"0.89877","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04976","scoring_system":"epss","scoring_elements":"0.89878","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191"},{"reference_url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"},{"reference_url":"https://crbug.com/1486441","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://crbug.com/1486441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/12"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/16","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/16"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/pull/40022","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40022"},{"reference_url":"https://github.com/electron/electron/pull/40023","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40023"},{"reference_url":"https://github.com/electron/electron/pull/40024","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40024"},{"reference_url":"https://github.com/electron/electron/pull/40025","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40025"},{"reference_url":"https://github.com/electron/electron/pull/40026","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40026"},{"reference_url":"https://github.com/electron/electron/releases/tag/v22.3.25","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v22.3.25"},{"reference_url":"https://github.com/electron/electron/releases/tag/v24.8.5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v24.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v25.8.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v25.8.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v26.2.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v26.2.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8"},{"reference_url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"},{"reference_url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"},{"reference_url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1"},{"reference_url":"https://github.com/webmproject/libvpx/tags","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/tags"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"},{"reference_url":"https://pastebin.com/TdkC4pDv","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://pastebin.com/TdkC4pDv"},{"reference_url":"https://security.gentoo.org/glsa/202310-04","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202310-04"},{"reference_url":"https://security.gentoo.org/glsa/202401-34","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202401-34"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"},{"reference_url":"https://support.apple.com/kb/HT213961","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213961"},{"reference_url":"https://support.apple.com/kb/HT213972","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213972"},{"reference_url":"https://twitter.com/maddiestone/status/1707163313711497266","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://twitter.com/maddiestone/status/1707163313711497266"},{"reference_url":"https://www.debian.org/security/2023/dsa-5508","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5508"},{"reference_url":"https://www.debian.org/security/2023/dsa-5509","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5509"},{"reference_url":"https://www.debian.org/security/2023/dsa-5510","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5510"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/12"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/14","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/02/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/02/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/03/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/03/11"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182","reference_id":"1053182","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/","reference_id":"AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-5217"},{"reference_url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g","reference_id":"GHSA-qqvq-6xgj-jw8g","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44","reference_id":"mfsa2023-44","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"critical","scoring_system":"generic_textual","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5426","reference_id":"RHSA-2023:5426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5427","reference_id":"RHSA-2023:5427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5428","reference_id":"RHSA-2023:5428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5429","reference_id":"RHSA-2023:5429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5430","reference_id":"RHSA-2023:5430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5432","reference_id":"RHSA-2023:5432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5433","reference_id":"RHSA-2023:5433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5434","reference_id":"RHSA-2023:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5435","reference_id":"RHSA-2023:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5436","reference_id":"RHSA-2023:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5437","reference_id":"RHSA-2023:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5438","reference_id":"RHSA-2023:5438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5439","reference_id":"RHSA-2023:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5440","reference_id":"RHSA-2023:5440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5475","reference_id":"RHSA-2023:5475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5477","reference_id":"RHSA-2023:5477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5534","reference_id":"RHSA-2023:5534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5535","reference_id":"RHSA-2023:5535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5536","reference_id":"RHSA-2023:5536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5537","reference_id":"RHSA-2023:5537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5538","reference_id":"RHSA-2023:5538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5539","reference_id":"RHSA-2023:5539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5540","reference_id":"RHSA-2023:5540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5540"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","reference_id":"TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"},{"reference_url":"https://usn.ubuntu.com/6403-1/","reference_id":"USN-6403-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-1/"},{"reference_url":"https://usn.ubuntu.com/6403-2/","reference_id":"USN-6403-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-2/"},{"reference_url":"https://usn.ubuntu.com/6403-3/","reference_id":"USN-6403-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-3/"},{"reference_url":"https://usn.ubuntu.com/6404-1/","reference_id":"USN-6404-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6404-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"},{"reference_url":"https://usn.ubuntu.com/7172-1/","reference_id":"USN-7172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2023-5217","GHSA-qqvq-6xgj-jw8g"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ghpk-c1e6-pkae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/368?format=json","vulnerability_id":"VCID-hjh5-utas-ekb9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8388.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8388","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1357","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13448","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13534","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13575","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8388"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476469","reference_id":"2476469","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476469"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-45/","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2036978","reference_id":"show_bug.cgi?id=2036978","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2036978"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8388"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjh5-utas-ekb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/377?format=json","vulnerability_id":"VCID-rne7-tu7d-v7e9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8956.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8956.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8956","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20105","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19994","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.2006","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20099","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8956"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479839","reference_id":"2479839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479839"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032427","reference_id":"show_bug.cgi?id=2032427","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032427"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8956"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rne7-tu7d-v7e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/384?format=json","vulnerability_id":"VCID-tqws-w9ga-gqew","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8970.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8970.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8970","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13908","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13791","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13875","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13912","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8970"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479852","reference_id":"2479852","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479852"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032174","reference_id":"show_bug.cgi?id=2032174","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2032174"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8970"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqws-w9ga-gqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/386?format=json","vulnerability_id":"VCID-tuxm-fxt8-vbee","summary":"Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8975.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8975","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14686","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14567","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14692","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479840","reference_id":"2479840","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479840"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669","reference_id":"buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8975"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tuxm-fxt8-vbee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/374?format=json","vulnerability_id":"VCID-tzqv-xgdb-efa1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8953.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8953.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8953","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14567","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14692","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14686","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8953"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479860","reference_id":"2479860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479860"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029511","reference_id":"show_bug.cgi?id=2029511","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2029511"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8953"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzqv-xgdb-efa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/378?format=json","vulnerability_id":"VCID-uncq-bg36-3yfe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8957.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8957.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8957","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13908","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13791","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13875","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13912","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8957"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479880","reference_id":"2479880","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479880"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2033850","reference_id":"show_bug.cgi?id=2033850","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2033850"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8957"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uncq-bg36-3yfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/382?format=json","vulnerability_id":"VCID-vseb-hh7u-1fc5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8962.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8962.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8962","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15221","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15084","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15168","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15211","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8962"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479876","reference_id":"2479876","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479876"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004804","reference_id":"show_bug.cgi?id=2004804","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2004804"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8962"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vseb-hh7u-1fc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/370?format=json","vulnerability_id":"VCID-w8ts-g59t-z3d7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8391.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8391","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28853","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28749","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28783","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28818","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8391"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476475","reference_id":"2476475","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476475"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-45/","reference_id":"mfsa2026-45","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-47/","reference_id":"mfsa2026-47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038575","reference_id":"show_bug.cgi?id=2038575","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2038575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8391"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w8ts-g59t-z3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/381?format=json","vulnerability_id":"VCID-z1zg-s87s-fkdu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8961.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8961.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8961","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1059","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10488","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10574","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10613","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8961"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479871","reference_id":"2479871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479871"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1962625","reference_id":"show_bug.cgi?id=1962625","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1962625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8961"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z1zg-s87s-fkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/383?format=json","vulnerability_id":"VCID-z8mw-3stk-vbdg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8968.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8968","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19523","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19405","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19475","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19518","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479846","reference_id":"2479846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479846"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21378","reference_id":"RHSA-2026:21378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21380","reference_id":"RHSA-2026:21380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21382","reference_id":"RHSA-2026:21382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030467","reference_id":"show_bug.cgi?id=2030467","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2030467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/511634?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1"}],"aliases":["CVE-2026-8968"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8mw-3stk-vbdg"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1"}