RockyLinux 10 : thunderbird (RLSA-2026:22325)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22325 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

RLSA-2026:19153 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

CVE-2026-8954

Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-8946 Incorrect boundary conditions in the Audio/Video: Web Codecs component

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-8091

CVE-2026-8091 affects Mozilla Audio/Video: Playback with an incorrect boundary condition in the component. It is fixed by updating to Firefox 150, Thunderbird 150, and Firefox ESR 140.10.1 (and 140.10.2 per ESR updates) as well as Firefox ESR 115.35.2. Connected disclosures corroborate this is a ...

RHEL 8 : firefox (RHSA-2026:13682)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13682 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

RLSA-2026:10766 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-057 (ALASFIREFOX-2026-057)

The version of firefox installed on the remote host is prior to 140.9.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-057 advisory. Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

SUSE-SU-2026:1379-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Update to 149.0.2 and 140.9.1esr bsc1261663. - CVE-2026-5731: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2. - CVE-2026-5732: Incorrect bounda...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of service via out-of-bound...

RHEL 10 : firefox (RHSA-2026:7672)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7672 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

RHEL 9 : firefox (RHSA-2026:7839)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7839 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

OPENSUSE-SU-2026:20486-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.9.1 ESR bsc1261663. - MFSA 2026-27: CVE-2026-5731: memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2...

KLA90970 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics can be exploited to cause...

CVE-2026-4706 Incorrect boundary conditions in the Graphics: Canvas2D component

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

Mozilla Firefox < 149.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 149.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-20 advisory. - Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox...

RLSA-2026:3515 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR...

PT-2026-21649

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description ImageMagick, software for editing and manipulating digital images, has an issue with boundary checking when processing Huffman-coded data from PCD Photo...

CVE-2026-0878

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...