Shodan
Vulnerabilities
Vulnerable Software
Mozilla:  >> Thunderbird  >> 140.0  Security Vulnerabilities
CVE-2026-4710
Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-03-24
CVE-2026-4692
Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
10.0
EPSS Score
0.0
Published
2026-03-24
CVE-2026-4694
Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-24
CVE-2026-4689
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVSS Score
10.0
EPSS Score
0.0
Published
2026-03-24
CVE-2026-2786
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-02-24
CVE-2026-2787
Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-02-24
CVE-2026-2788
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-02-24
CVE-2026-2789
Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-02-24
CVE-2026-2790
Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-02-24
CVE-2026-2791
Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-02-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved