PT-2026-31480

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A flaw exists in the V8 JavaScript engine within Google Chrome due to insufficient access control within the isolated environment. Successful exploitation could allow a remote attacker ...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a resource management vulnerability that stemmed from the reuse of V8 objects after its release. This vulnerability could allow attackers to exploit heap corruption...

RHEL 8 : thunderbird (RHSA-2026:6917)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:6917 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Use-after-free in the JavaScript Engine...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability caused by type confusion in the V8 engine. This vulnerability could allow arbitrary code to be executed within a sandbox through specially crafted HTML pages...

chromium -- security fixes

Chrome Releases reports: This update includes multiple security fixes: Critical: CVE-2026-5858: Heap buffer overflow in WebML. CVE-2026-5859: Integer overflow in WebML. High: CVE-2026-5860: Use after free in WebRTC. CVE-2026-5861: Use after free in V8. CVE-2026-5862: Inappropriate implementation ...

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and...

BIT-NODE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

Chromium: CVE-2026-5279 Object corruption in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

AlmaLinux 9 : thunderbird (ALSA-2026:6188)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:6188 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

MGASA-2026-0081 Updated thunderbird packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Spoofing issue in Thunderbird. CVE-2026-3889 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in...

MGASA-2026-0080 Updated nss & firefox packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-46...

Updated thunderbird packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Spoofing issue in Thunderbird. CVE-2026-3889 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in...

firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...

firefox: thunderbird: Use-after-free in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.9 MFSA 2026-24, bsc1260083: CVE-2026-3889: Spoofing issue in Thunderbird CVE-2026-4371: Out of bounds read in IMAP parsing CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender...

EUVD-2026-17791

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Firefox

JIT compilation errors, use-after-free in the JavaScript Engine: JIT components. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

Astra Linux – Vulnerability in Firefox

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...