VYPR

Thunderbird

by Mozilla Corporation

CVEs (1,863)

  • CVE-2025-6435 | High | Jun 24, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in…

  • CVE-2025-5269 | High | May 27, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox ESR 128.11 and Thunderbird…

  • CVE-2025-5268 | High | May 27, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This…

  • CVE-2025-3909 | High | May 14, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as…

  • CVE-2025-4093 | High | Apr 29, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox ESR 128.10 and Thunderbird…

  • CVE-2025-4091 | High | Apr 29, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability…

  • CVE-2025-3034 | High | Apr 1, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Memory safety bugs present in Firefox 136 and Thunderbird 136. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 137 and…

  • CVE-2025-3030 | High | Apr 1, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability…

  • CVE-2025-1943 | High | Mar 4, 2025
    risk 0.53 | cvss 8.2 | epss 0.00

    Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 136 and…

  • CVE-2025-1932 | High | Mar 4, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8.

  • CVE-2018-5178 | High | Jun 11, 2018
    risk 0.53 | cvss 8.1 | epss 0.05

    A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8,…

  • CVE-2017-7807 | High | Jun 11, 2018
    risk 0.53 | cvss 8.1 | epss 0.02

    A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3,…

  • CVE-2016-1526 | High | Feb 13, 2016
    risk 0.53 | cvss 8.1 | epss 0.02

    The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of…

  • CVE-2026-0878 | High | Jan 13, 2026
    risk 0.52 | cvss 8.0 | epss 0.00

    Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

  • CVE-2025-14322 | High | Dec 9, 2025
    risk 0.52 | cvss 8.0 | epss 0.00

    Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.

  • CVE-2026-6776 | High | Apr 21, 2026
    risk 0.51 | cvss 7.8 | epss 0.00

    Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2017-7814 | High | Jun 11, 2018
    risk 0.51 | cvss 7.8 | epss 0.01

    File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks through the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables…

  • CVE-2017-7755 | High | Jun 11, 2018
    risk 0.51 | cvss 7.8 | epss 0.01

    The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems.…

  • CVE-2025-3033 | High | Apr 1, 2025
    risk 0.50 | cvss 7.7 | epss 0.00

    After selecting a malicious Windows `.url` shortcut from the local filesystem, an unexpected file could be uploaded. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability was fixed in Firefox 137 and Thunderbird 137.

  • CVE-2025-0241 | High | Jan 7, 2025
    risk 0.50 | cvss 7.7 | epss 0.01

    When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6.
