Lucene search
K

5 matches found

NVD
NVD
added 17 hours ago8 views

CVE-2026-57963

An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...

6.5CVSS
Exploits0References3
Cvelist
Cvelist
added 18 hours ago10 views

CVE-2026-57963 Chat UI manipulation by injection

An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...

Exploits0References3
CVE
CVE
added 18 hours ago10 views

CVE-2026-57963

An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...

6.5CVSS5.9AI score
Exploits0References3
Cvelist
Cvelist
added 18 hours ago9 views

CVE-2026-57962 Denial-of-service via malicious LDAP address-book server

A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of attacker-supplied data into the Thunderbird LDAP client until it crashes due to memory exhaustion. This vulnerability was fixed in Thunderbird 152.0.1 and...

Exploits0References3
CVE
CVE
added 18 hours ago9 views

CVE-2026-57962

CVE-2026-57962 affects Thunderbird’s LDAP address-book autocomplete. A malicious LDAP server can cause the Thunderbird LDAP client to stash attacker-supplied data, enabling memory exhaustion and a denial of service. Root cause is unbounded data processing by the LDAP client when queried by the Th...

5.3CVSS5.8AI score
Exploits0References3
Rows per page
Query Builder