SUSE CVE-2026-3889

Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9...

SUSE CVE-2026-4696

Use-after-free in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

SUSE CVE-2026-4701

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

SUSE CVE-2026-4709

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

SUSE CVE-2026-4713

Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4371

A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking...

DEBIAN-CVE-2026-3889

Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9...

CVE-2026-3889

Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9...

CVE-2026-4371

CVE-2026-4371 describes an out-of-bounds read in an IMAP/ mail parsing context. A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer and potentially crash Thunderbird or leak sensitive data. Affected products are Thunderb...

CVE-2026-3889

Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9...

CVE-2026-3889

CVE-2026-3889 is a spoofing vulnerability in Thunderbird affecting versions before 149 and before 140.9. The connected documents provide only the high‑level description and references to Mozilla security advisories; no technical root cause, exploit details, affected components, or remediation ste...

EUVD-2026-14845

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...

EUVD-2026-14829

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox 149, Firefox ESR 115.34, and Firefox ESR 140.9...

EUVD-2026-14851

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...

EUVD-2026-14794

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox 149, Firefox ESR 115.34, and Firefox ESR 140.9...

EUVD-2026-14800

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...

EUVD-2026-14802

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox 149, Firefox ESR 115.34, and Firefox ESR 140.9...

CVE-2026-4714

Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4711

Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4713

Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...