CVE-2026-5266

creationtimestamp| type| source ---|---|--- 2026-05-11 19:40:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllzp7kxcx2k 2026-05-11 19:40:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllzp7kxcx2k...

DEBIAN-CVE-2026-5266

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php. This issue affects Echo: from before 1.43.7, 1.44.4, 1.45.2...

UBUNTU-CVE-2026-5266

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php. This issue affects Echo: from before 1.43.7, 1.44.4, 1.45.2...

CVE-2026-5266

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php. This issue affects Echo: from before 1.43.7, 1.44.4, 1.45.2...

MINI-W65Q-5266-464G

Bulletin has no description...

[SECURITY] [DSA 6208-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6208-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 12, 2026 https://www.debian.org/security/faq -...

Linux Distros Unpatched Vulnerability : CVE-2026-5266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files...

MiracleLinux 8 : thunderbird-128.11.0-1.el8_10.ML.1 (AXSA:2025-10026:12)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10026:12 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:01946-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01946-1 advisory. Update to Mozilla Thunderbird 128.11 MFSA 2025-46, bsc1243353: - CVE-2025-5262: Double-free in...

Updated nss & firefox packages fix security vulnerabilities

CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. CVE-2025-5264: Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this...

openSUSE Security Advisory (SUSE-SU-2025:01946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:01946-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.11 MFSA 2025-46, bsc1243353: - CVE-2025-5262: Double-free in libvpx encoder bmo1962421 - CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content bmo1960745 -...

AlmaLinux 8 : thunderbird (ALSA-2025:8756)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8756 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header in...

RHEL 8 : thunderbird (RHSA-2025:8756)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8756 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: JavaScript Execution via Spoofed PDF Attachment...

RHEL 9 : thunderbird (RHSA-2025:8598)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8598 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Out-of-bounds access when resolving...

RHEL 9 : thunderbird (RHSA-2025:8607)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8607 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Out-of-bounds access when resolving...

SUSE: Security Advisory (SUSE-SU-2025:01769-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5932-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5926-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5926-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 28, 2025 https://www.debian.org/security/faq -...

CVE-2025-5266

Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...