Mozilla Firefox < 152.0

The version of Firefox installed on the remote Windows host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-57 advisory. - Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of the...

RLSA-2026:22325 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

RockyLinux 10 : firefox (RLSA-2026:21380)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21380 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

ALSA-2026:21381 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

vulnerabilities found in Apple MacOS

Apple has addressed several vulnerabilities in various versions of macOS including Sequoia, Sonoma, and Tahoe versions. These vulnerabilities involve memory management issues such as buffer overflows, use-after-free errors, out-of-bounds reads and writes, and integer overflows. These...

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contain security vulnerabilities. These vulnerabilities stem from the GetRawInputDeviceInfoSlave handler in the SbieSvc proxy service, which has issues with information...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.101 contained a security vulnerability. This vulnerability stemmed from the Proxy component allowing for post-release reuse of objects, which could enable attackers from privileged network...

RHEL 9 : firefox (RHSA-2026:7839)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7839 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

DeerFlow 安全漏洞

DeerFlow is an open-source orchestration framework developed by Bytedance, used to coordinate sub-proxies and skill executions. Versions of DeerFlow prior to 92c7a20 contained security vulnerabilities. These vulnerabilities stemmed from sandbox escapes in bash tool processing. Attackers could...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2026:1127-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1127-1 advisory. Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: - CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component -...

Don't Let the Claw Grip Your Hand: A Security Analysis and Defense Framework for OpenClaw

Code agents powered by large language models can execute shell commands on behalf of users, introducing severe security vulnerabilities. This paper presents a two-phase security analysis of the OpenClaw platform. As an open-source AI agent framework that operates locally, OpenClaw can be integrat...

RHEL 9 : firefox (RHSA-2026:3497)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3497 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap...

Important: thunderbird

Issue Overview: Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox 146. CVE-2025-14327 CSS-based exfiltration of the content from partially encrypted emails when allowing remote content. This vulnerability affects Thunderbird 147.0.1 and Thunderbird 140.7.1...

Important: firefox

Issue Overview: Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox 146. CVE-2025-14327 Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox 147, Firefox ESR 115.32, and Firefox ESR 140.7. CVE-2026-0877 Sandbox escape due to incorrec...

AlmaLinux 8 : firefox (ALSA-2026:0667)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:0667 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox:...

RHEL 10 : thunderbird (RHSA-2026:2286)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2286 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Spoofing issue in the Downloads Panel component...

ALSA-2026:2286 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.7,...

EUVD-2026-5592

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, a sandbox escape is possible by shadowing hasOwnProperty on a sandbox object, which disables prototype whitelist enforcement in the property-access path. This permits direct access to proto and other blocked prototype properties,...