CVE-2026-57963
The CVE describes a vulnerability in Thunderbird’s chat UI where an attacker who can send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. Affected product: Thunderbird (chat UI component). Root cause: HTML/CSS cont...