Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3290 (ALAS-2026-3290)

The version of thunderbird installed on the remote host is prior to 140.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3290 advisory. Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic i...

Linux Distros Unpatched Vulnerability : CVE-2026-8390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3. CVE-2026-8390 Note that Nessus relies on the presence ...

Linux Distros Unpatched Vulnerability : CVE-2026-44216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmet...

RHEL 9 : firefox (RHSA-2026:17687)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:17687 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RLSA-2026:15892 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

AlmaLinux 9 : thunderbird (ALSA-2026:15892)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:15892 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScrip...

CVE-2026-43989

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the uploadwasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is...

EUVD-2026-29465

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

CVE-2026-8390

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

UBUNTU-CVE-2026-8390

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

CVE-2026-8390

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

CVE-2026-8390

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

CVE-2026-8390

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

CVE-2026-8390

Mozilla Firefox is affected by a use-after-free in the JavaScript: WebAssembly component (CVE-2026-8390). The issue resides in WebAssembly within Firefox’s JavaScript engine and was fixed in version 150.0.3. Affected products are Firefox releases prior to 150.0.3, across platforms referenced in t...

CVE-2026-8390 Use-after-free in the JavaScript: WebAssembly component

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

CVE-2026-8390

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

CVE-2026-8390 Use-after-free in the JavaScript: WebAssembly component

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

SUSE CVE-2026-8257

A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in reachable assertion. The attack needs to be approached locally. The explo...

Mozilla Firefox < 150.0.3

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 150.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-45 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3...