Thunderbird for Android
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-4086 | Med | 0.42 | 6.5 | 0.00 | Apr 29, 2025 | A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.*. This vulnerability was fixed in Firefox 138 and Thunderbird 138. | ||
| CVE-2025-4090 | Med | 0.34 | 5.3 | 0.00 | Apr 29, 2025 | A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138. |
- risk 0.42cvss 6.5epss 0.00
A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.*. This vulnerability was fixed in Firefox 138 and Thunderbird 138.
- risk 0.34cvss 5.3epss 0.00
A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox 138 and Thunderbird 138.