VYPR

Thunderbird

by Mozilla Corporation

Source repositories

CVEs (1,863)

  • CVE-2026-4708HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4707HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4706HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4704HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4699HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4697HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4695HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4694HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4693HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4686HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4685HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.01

    Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4684HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-2803HigFeb 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Information disclosure, mitigation bypass in the Settings UI component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

  • CVE-2026-2801HigFeb 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

  • CVE-2026-2783HigFeb 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.

  • CVE-2026-0889HigJan 13, 2026
    risk 0.49cvss 7.5epss 0.01

    Denial-of-service in the DOM: Service Workers component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.

  • CVE-2025-14327HigDec 9, 2025
    risk 0.49cvss 7.5epss 0.00

    Spoofing issue in the Downloads Panel component. This vulnerability was fixed in Firefox 146, Thunderbird 146, Firefox ESR 140.7, and Thunderbird 140.7.

  • CVE-2025-13025HigNov 11, 2025
    risk 0.49cvss 7.5epss 0.00

    Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145.

  • CVE-2025-13016HigNov 11, 2025
    risk 0.49cvss 7.5epss 0.00

    Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

  • CVE-2025-13012HigNov 11, 2025
    risk 0.49cvss 7.5epss 0.00

    Race condition in the Graphics component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.

Page 20 of 94