CVE-2026-12327

Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2026-12326

Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152...

CVE-2026-8948

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Networking component...

CVE-2026-8091

Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2...

CVE-2026-8963

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Web Speech component...

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3315 (ALAS-2026-3315)

The version of thunderbird installed on the remote host is prior to 140.10.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3315 advisory. In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of servic...

Astra Linux – Vulnerability in Thunderbird

If a Thunderbird user has previously imported Alice’s OpenPGP key, and Alice has extended the validity period of her key, but Alice’s updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice’s key with an invalid subkey. In this case, Thunderbird...

Astra Linux - уязвимость в firefox, thunderbird

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 102. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefo...

Astra Linux - уязвимость в firefox, thunderbird

Firefox did not properly handle downloads of files ending with .desktop, which can be interpreted to execute commands controlled by the attacker. This bug only affects Firefox for Linux on certain distributions. Other operating systems are unaffected, and Mozilla is unable to list all affected...

SUSE CVE-2026-8966

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

UBUNTU-CVE-2026-8949

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-8956

Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-8968

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-8957

Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

UBUNTU-CVE-2026-8970

Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-8966

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

CVE-2026-8965 Information disclosure in the DOM: Security component

Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

CVE-2026-8962

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

Linux Distros Unpatched Vulnerability : CVE-2026-8093

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these coul...

CVE-2026-8090

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2...