Linux Distros Unpatched Vulnerability : CVE-2026-5264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

CVE-2026-5264

creationtimestamp| type| source ---|---|--- 2026-04-09 23:30:50+00:00| seen| Telegram/aaKaZzhZCQTbBESVtGmK3HO5aOAiXiyEGsKbx2XTc93AVKM 2026-04-10 00:56:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj44ghlwjv24...

UBUNTU-CVE-2026-5264

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

CVE-2026-5264

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

CVE-2026-5264

CVE-2026-5264 describes a heap buffer overflow in DTLS 1.3 ACK message processing. The vulnerability can be triggered by a remote attacker that sends a crafted DTLS 1.3 ACK message, potentially enabling high-impact outcomes as reflected by the associated CVSS metrics (NVD: AV:N/AC:L/PR:N/UI:N/S:U...

CVE-2026-5264 DTLS 1.3 ACK heap buffer overflow

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

MiracleLinux 8 : thunderbird-128.11.0-1.el8_10.ML.1 (AXSA:2025-10026:12)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10026:12 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header...

EUVD-2022-5264

Malicious code in bioql PyPI...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:01946-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01946-1 advisory. Update to Mozilla Thunderbird 128.11 MFSA 2025-46, bsc1243353: - CVE-2025-5262: Double-free in...

Updated nss & firefox packages fix security vulnerabilities

CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. CVE-2025-5264: Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this...

Oracle Linux 7 : firefox (ELSA-2025-9074)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-9074 advisory. 128.11.0-1.0.1 - Update to 128.11.0 Orabug: 38077559CVE-2025-5263CVE-2025-5264 CVE-2025-5266CVE-2025-5267CVE-2025-5268CVE-2025-5269 Tenable has extract...

RHEL 7 : firefox (RHSA-2025:9074)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:9074 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

openSUSE Security Advisory (SUSE-SU-2025:01946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:01946-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.11 MFSA 2025-46, bsc1243353: - CVE-2025-5262: Double-free in libvpx encoder bmo1962421 - CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content bmo1960745 -...

AlmaLinux 8 : thunderbird (ALSA-2025:8756)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8756 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header in...

RHEL 8 : thunderbird (RHSA-2025:8756)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8756 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: JavaScript Execution via Spoofed PDF Attachment...

RHEL 10 : firefox (RHSA-2025:8341)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8341 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 9 : thunderbird (RHSA-2025:8598)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8598 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Out-of-bounds access when resolving...

RHEL 9 : thunderbird (RHSA-2025:8607)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8607 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Out-of-bounds access when resolving...

MozillaFirefox-139.0.1-1.1 on GA media (moderate)

MozillaFirefox-139.0.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15196-1 Rating: moderate Cross-References: CVE-2025-5263 CVE-2025-5264 CVE-2025-5265 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5270 CVE-2025-5271 CVE-2025-5272 CVSS scores: CVE-2025-5263 SUSE : 4.3...