RHEL 9 : thunderbird (RHSA-2026:24844)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24844 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ES...

AlmaLinux 10 : thunderbird (ALSA-2026:22325)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:22325 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

AlmaLinux 8 : thunderbird (ALSA-2026:22643)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:22643 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

AlmaLinux 9 : thunderbird (ALSA-2026:21381)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:21381 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

OPENSUSE-SU-2026:10864-1 MozillaThunderbird-140.11.1-1.1 on GA media

These are all security issues fixed in the MozillaThunderbird-140.11.1-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 8 : thunderbird (RHSA-2026:19467)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19467 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

MiracleLinux 8 : thunderbird-140.10.0-1.el8_10.ML.1 (AXSA:2026-579:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-579:10 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the...

OPENSUSE-SU-2026:10738-1 MozillaThunderbird-140.10.2-1.1 on GA media

These are all security issues fixed in the MozillaThunderbird-140.10.2-1.1 package on the GA media of openSUSE Tumbleweed...

Oracle Linux 10 : thunderbird (ELSA-2026-12285)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-12285 advisory. 140.10.0-1.0.1 - Add Oracle prefs 140.10.0-1 - Update to 140.10.0 ESR Tenable has extracted the preceding description block directly from the Oracle...

RHEL 10 : thunderbird (RHSA-2026:9638)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:9638 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-fr...

MiracleLinux 8 : thunderbird-140.9.0-1.el8_10.ML.1 (AXSA:2026-444:07)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-444:07 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR...

Fedora 42 : thunderbird (2026-db2b4e5b64)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-db2b4e5b64 advisory. Update to latest upstream version. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Debian: Security Advisory (DSA-6211-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 10 : thunderbird (ALSA-2026:6342)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:6342 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.3...

MiracleLinux 8 : thunderbird-140.8.0-1.el8_10.ML.1 (AXSA:2026-263:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-263:04 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety...

MiracleLinux 8 : thunderbird-140.7.0-1.el8_10.ML.1 (AXSA:2026-240:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-240:03 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox...

RHEL 10 : thunderbird (RHSA-2026:3517)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3517 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox...

Fedora: Security Advisory (FEDORA-2026-6ca1769cc2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2026-0818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled...

MiracleLinux 9 : thunderbird-140.7.0-1.el9_7.ML.1 (AXSA:2026-082:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-082:02 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox...