Thunderbird is vulnerable to arbitrary code execution. An attacker is potentially able to execute arbitrary code via memory corruption.
bugzilla.mozilla.org/buglist.cgi?bug_id=1513519%2C1683439%2C1690169%2C1690718
security-tracker.debian.org/tracker/CVE-2021-23987
security.gentoo.org/glsa/202104-09
security.gentoo.org/glsa/202104-10
www.mozilla.org/security/advisories/mfsa2021-10/
www.mozilla.org/security/advisories/mfsa2021-11/
www.mozilla.org/security/advisories/mfsa2021-12/