VYPR

Thunderbird

by Mozilla Corporation

CVEs (1,864)

  • CVE-2026-7322 | High | Apr 28, 2026
    risk 0.47 | cvss 7.3 | epss 0.00

    Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox…

  • CVE-2026-6753 | High | Apr 21, 2026
    risk 0.47 | cvss 7.3 | epss 0.00

    Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6752 | High | Apr 21, 2026
    risk 0.47 | cvss 7.3 | epss 0.00

    Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6751 | High | Apr 21, 2026
    risk 0.47 | cvss 7.3 | epss 0.00

    Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2025-14332 | High | Dec 9, 2025
    risk 0.47 | cvss 7.3 | epss 0.00

    Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 146 and…

  • CVE-2025-14325 | High | Dec 9, 2025
    risk 0.47 | cvss 7.3 | epss 0.00

    JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.

  • CVE-2025-10528 | High | Sep 16, 2025
    risk 0.47 | cvss 7.3 | epss 0.00

    Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-5272 | High | May 27, 2025
    risk 0.47 | cvss 7.3 | epss 0.00

    Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 139 and…

  • CVE-2025-3029 | High | Apr 1, 2025
    risk 0.47 | cvss 7.3 | epss 0.00

    A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability was fixed in Firefox 137, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9.

  • CVE-2025-1936 | High | Mar 4, 2025
    risk 0.47 | cvss 7.3 | epss 0.00

    jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in…

  • CVE-2025-10527 | High | Sep 16, 2025
    risk 0.46 | cvss 7.1 | epss 0.00

    Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-4085 | High | Apr 29, 2025
    risk 0.46 | cvss 7.1 | epss 0.00

    An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability was fixed in Firefox 138 and Thunderbird 138.

  • CVE-2025-26696 | High | Mar 10, 2025
    risk 0.46 | cvss 7.0 | epss 0.00

    Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. This vulnerability was fixed in Thunderbird 136 and Thunderbird 128.8.

  • CVE-2022-22753 | High | Dec 22, 2022
    risk 0.46 | cvss 7.1 | epss 0.01

    A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access. *This bug only affects Firefox on Windows. Other operating systems…

  • CVE-2021-29964 | High | Jun 24, 2021
    risk 0.46 | cvss 7.1 | epss 0.01

    A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 78.11,…

  • CVE-2018-12385 | High | Oct 18, 2018
    risk 0.46 | cvss 7.0 | epss 0.00

    A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local…

  • CVE-2021-23991 | Medium | Jun 24, 2021
    risk 0.44 | cvss 6.8 | epss 0.01

    If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice's key with an invalid subkey,…

  • CVE-2019-11730 | Medium | Jul 23, 2019
    risk 0.44 | cvss 6.5 | epss 0.20

    A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these…

  • CVE-2018-12366 | Medium | Oct 18, 2018
    risk 0.43 | cvss 6.5 | epss 0.03

    An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR <…

  • CVE-2018-12365 | Medium | Oct 18, 2018
    risk 0.43 | cvss 6.5 | epss 0.03

    A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9,…
