Total
1745 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-4694 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-04-13 | N/A | 7.5 HIGH |
| Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |||||
| CVE-2026-4692 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-04-13 | N/A | 10.0 CRITICAL |
| Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |||||
| CVE-2026-4689 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-04-13 | N/A | 10.0 CRITICAL |
| Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |||||
| CVE-2026-4371 | 1 Mozilla | 1 Thunderbird | 2026-04-13 | N/A | 7.4 HIGH |
| A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9. | |||||
| CVE-2026-3889 | 1 Mozilla | 1 Thunderbird | 2026-04-13 | N/A | 6.5 MEDIUM |
| Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9. | |||||