CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

258 matches found

ROS-20260609-73-0028

Vulnerability of Audio/Video components: Mozilla Firefox, Firefox ESR, and Thunderbird’s email client use web codecs. This vulnerability is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.5AI score0.00022EPSS

Exploits0

CVE•added 2 days ago•13 views

CVE-2026-11683

CVE-2026-11683 affects Google Chrome’s WebCodecs. The root cause is a use-after-free in WebCodecs that allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. The vulnerability is in Chrome versions prior to 149.0.7827.103 (Chromium-based). Impact is described...

8.8CVSS6AI score0.00071EPSS

Exploits0References2Affected Software1

Tenable Nessus•added 2 days ago•3 views

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-061 (ALASFIREFOX-2026-061)

The version of firefox installed on the remote host is prior to 140.11.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-061 advisory. Three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming...

9.8CVSS5.9AI score0.00065EPSS

Exploits0References34

Tenable Nessus•added 2 days ago•5 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3340 (ALAS-2026-3340)

The version of thunderbird installed on the remote host is prior to 140.11.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3340 advisory. Three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming th...

9.8CVSS5.9AI score0.00065EPSS

Exploits0References34

OSV•added 4 days ago•7 views

RLSA-2026:22643 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

7.5CVSS5.5AI score0.00164EPSS

Exploits0References20

Tenable Nessus•added 4 days ago•5 views

RockyLinux 8 : thunderbird (RLSA-2026:22643)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22643 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

9.8CVSS5.7AI score0.00164EPSS

Exploits0References39

OSV•added 5 days ago•5 views

RLSA-2026:22325 Important: thunderbird security update

7.5CVSS5.5AI score0.00164EPSS

Exploits0References20

SUSE Linux•added 5 days ago•5 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues Updated to Mozilla Thunderbird 140.11 bsc1265212 MFSA 2026-44: CVE-2026-8090: Use-after-free in the DOM: Networking component. CVE-2026-8092: Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2. CVE-2026-8094:...

8.8CVSS5.5AI score0.00164EPSS

Exploits0References48

OSV•added 5 days ago•4 views

SUSE-SU-2026:2271-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues - Updated to Mozilla Thunderbird 140.11 bsc1265212 MFSA 2026-44: - CVE-2026-8090: Use-after-free in the DOM: Networking component. - CVE-2026-8092: Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2. -...

9.8CVSS5.5AI score0.00164EPSS

Exploits0References25

Tenable Nessus•added 5 days ago•5 views

RockyLinux 10 : thunderbird (RLSA-2026:22325)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22325 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

9.8CVSS5.7AI score0.00164EPSS

Exploits0References39

RedHat Linux•added 2026/06/03 1:1 a.m.•8 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00062EPSS

Exploits0References6

OSV•added 2026/06/02 12:0 a.m.•3 views

ALSA-2026:22643 Important: thunderbird security update

9.8CVSS5.9AI score0.00164EPSS

Exploits0References40

RedHat Linux•added 2026/06/01 3:41 p.m.•14 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00049EPSS

Exploits0References6

OSV•added 2026/05/30 6:3 p.m.•26 views

RLSA-2026:21378 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

7.5CVSS5.9AI score0.00109EPSS

Exploits0References19

SUSE Linux•added 2026/05/29 7:21 a.m.•14 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-41, MFSA 2026-48 bsc1265212, bsc1264378: CVE-2026-8090: Use-after-free in the DOM: Networking component. CVE-2026-8092: Memory safety bugs fixed in Firefox ESR 115.35.2,...

8.8CVSS5.9AI score0.00164EPSS

Exploits0References52

OSV•added 2026/05/29 7:21 a.m.•6 views

SUSE-SU-2026:2109-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-41, MFSA 2026-48 bsc1265212, bsc1264378: - CVE-2026-8090: Use-after-free in the DOM: Networking component. - CVE-2026-8092: Memory safety bugs fixed in Firefox ESR 115.35.2,...

9.8CVSS5.9AI score0.00164EPSS

Exploits0References27

Mageia•added 2026/05/29 5:12 a.m.•17 views

Updated nspr, nss and firefox(-l10n) packages fix security issues

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

9.8CVSS5.9AI score0.00109EPSS

Exploits0References5

OSV•added 2026/05/29 5:12 a.m.•13 views

MGASA-2026-0165 Updated nspr, nss and firefox(-l10n) packages fix security issues

9.8CVSS5.9AI score0.00109EPSS

Exploits0References6

Mageia•added 2026/05/29 5:12 a.m.•12 views

Updated thunderbird(-l10n) packages fix security vulnerabilities

9.8CVSS5.9AI score0.00109EPSS

Exploits0References3

OSV•added 2026/05/29 5:12 a.m.•10 views

MGASA-2026-0164 Updated thunderbird(-l10n) packages fix security vulnerabilities