Vulnerability-Lookup

CVE-2026-8388 (GCVE-0-2026-8388)

Vulnerability from cvelistv5 – Published: 2026-05-12 12:36 – Updated: 2026-05-19 17:10

Title

Incorrect boundary conditions in the JavaScript Engine: JIT component

Summary

Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

mozilla

References

5 references

URL	Tags
https://bugzilla.mozilla.org/show_bug.cgi?id=2036978
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…
https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

2 products

Vendor	Product	Version
Mozilla	Firefox	Unaffected: 115.36 , ≤ 115.* (rpm) Unaffected: 140.11 , ≤ 140.* (rpm) Unaffected: 150.0.3 , ≤ * (rpm)
Mozilla	Thunderbird	Unaffected: 140.11 , ≤ * (rpm)

Credits

ggwhyp

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-8388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T18:28:57.252588Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-119",
                "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T18:29:06.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "115.*",
              "status": "unaffected",
              "version": "115.36",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.11",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "150.0.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "140.11",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "ggwhyp"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11."
            }
          ],
          "value": "Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-19T17:10:46.244Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2036978"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-45/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/"
        }
      ],
      "title": "Incorrect boundary conditions in the JavaScript Engine: JIT component"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2026-8388",
    "datePublished": "2026-05-12T12:36:10.633Z",
    "dateReserved": "2026-05-12T12:36:09.855Z",
    "dateUpdated": "2026-05-19T17:10:46.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-8388",
      "date": "2026-06-08",
      "epss": "0.00043",
      "percentile": "0.13448"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-8388\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2026-05-12T14:17:11.813\",\"lastModified\":\"2026-05-19T18:16:31.167\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"150.0.3\",\"matchCriteriaId\":\"B13F359A-1C15-48B4-8319-AD42CC852E8C\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=2036978\",\"source\":\"security@mozilla.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2026-45/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2026-47/\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2026-48/\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2026-51/\",\"source\":\"security@mozilla.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-8388\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-12T18:28:57.252588Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-12T18:28:17.148Z\"}}], \"cna\": {\"title\": \"Incorrect boundary conditions in the JavaScript Engine: JIT component\", \"credits\": [{\"lang\": \"en\", \"value\": \"ggwhyp\"}], \"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"115.36\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"115.*\"}, {\"status\": \"unaffected\", \"version\": \"140.11\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"140.*\"}, {\"status\": \"unaffected\", \"version\": \"150.0.3\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"*\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Thunderbird\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"140.11\", \"versionType\": \"rpm\", \"lessThanOrEqual\": \"*\"}]}], \"references\": [{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=2036978\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2026-45/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2026-47/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2026-48/\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2026-51/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2026-05-19T17:10:46.244Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-8388\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-19T17:10:46.244Z\", \"dateReserved\": \"2026-05-12T12:36:09.855Z\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2026-05-12T12:36:10.633Z\", \"assignerShortName\": \"mozilla\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

SUSE-SU-2026:2271-1

Vulnerability from csaf_suse - Published: 2026-06-05 06:37 - Updated: 2026-06-05 06:37

Summary

Security update for MozillaThunderbird

Severity

Important

Notes

Title of the patch: Security update for MozillaThunderbird

Description of the patch: This update for MozillaThunderbird fixes the following issues - Updated to Mozilla Thunderbird 140.11 (bsc#1265212) MFSA 2026-44: - CVE-2026-8090: Use-after-free in the DOM: Networking component. - CVE-2026-8092: Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2. - CVE-2026-8094: Other issue in the WebRTC component. MFSA 2026-51: - CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component. - CVE-2026-8391: Other issue in the JavaScript Engine component. - CVE-2026-8401: Sandbox escape in the Profile Backup component. - CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component. - CVE-2026-8947: Use-after-free in the DOM: Bindings (WebIDL) component. - CVE-2026-8949: Integer overflow in the Widget: Win32 component. - CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component. - CVE-2026-8953: Sandbox escape due to use-after-free in the Disability Access APIs component. - CVE-2026-8954: Incorrect boundary conditions, integer overflow in the Audio/Video component. - CVE-2026-8955: Privilege escalation in the DOM: Workers component. - CVE-2026-8956: Integer overflow in the Networking: JAR component. - CVE-2026-8957: Privilege escalation in the Enterprise Policies component. - CVE-2026-8958: Information disclosure, sandbox escape in the Security: Process Sandboxing component. - CVE-2026-8959: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. - CVE-2026-8961: Spoofing issue in the Form Autofill component. - CVE-2026-8962: Mitigation bypass in the DOM: Security component. - CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. - CVE-2026-8970: Privilege escalation in the Security component. - CVE-2026-8974: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151. - CVE-2026-8975: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151.

Patchnames: SUSE-2026-2271,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2271,SUSE-SLE-Product-WE-15-SP7-2026-2271

CVE-2026-8090

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8092

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8094

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8388

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8391

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8401

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8946

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8947

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8949

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8950

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8953

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8954

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8955

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8956

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8957

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8958

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8959

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8961

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8962

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8968

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8970

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8974

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-8975

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64	—	Vendor Fix

Threats

Impact important

References

74 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2026…	self
https://bugzilla.suse.com/1265212	self
https://www.suse.com/security/cve/CVE-2026-8090/	self
https://www.suse.com/security/cve/CVE-2026-8092/	self
https://www.suse.com/security/cve/CVE-2026-8094/	self
https://www.suse.com/security/cve/CVE-2026-8388/	self
https://www.suse.com/security/cve/CVE-2026-8391/	self
https://www.suse.com/security/cve/CVE-2026-8401/	self
https://www.suse.com/security/cve/CVE-2026-8946/	self
https://www.suse.com/security/cve/CVE-2026-8947/	self
https://www.suse.com/security/cve/CVE-2026-8949/	self
https://www.suse.com/security/cve/CVE-2026-8950/	self
https://www.suse.com/security/cve/CVE-2026-8953/	self
https://www.suse.com/security/cve/CVE-2026-8954/	self
https://www.suse.com/security/cve/CVE-2026-8955/	self
https://www.suse.com/security/cve/CVE-2026-8956/	self
https://www.suse.com/security/cve/CVE-2026-8957/	self
https://www.suse.com/security/cve/CVE-2026-8958/	self
https://www.suse.com/security/cve/CVE-2026-8959/	self
https://www.suse.com/security/cve/CVE-2026-8961/	self
https://www.suse.com/security/cve/CVE-2026-8962/	self
https://www.suse.com/security/cve/CVE-2026-8968/	self
https://www.suse.com/security/cve/CVE-2026-8970/	self
https://www.suse.com/security/cve/CVE-2026-8974/	self
https://www.suse.com/security/cve/CVE-2026-8975/	self
https://www.suse.com/security/cve/CVE-2026-8090	external
https://bugzilla.suse.com/1264378	external
https://www.suse.com/security/cve/CVE-2026-8092	external
https://bugzilla.suse.com/1264378	external
https://www.suse.com/security/cve/CVE-2026-8094	external
https://bugzilla.suse.com/1264378	external
https://www.suse.com/security/cve/CVE-2026-8388	external
https://bugzilla.suse.com/1265432	external
https://www.suse.com/security/cve/CVE-2026-8391	external
https://bugzilla.suse.com/1265432	external
https://www.suse.com/security/cve/CVE-2026-8401	external
https://bugzilla.suse.com/1265432	external
https://www.suse.com/security/cve/CVE-2026-8946	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8947	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8949	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8950	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8953	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8954	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8955	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8956	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8957	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8958	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8959	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8961	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8962	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8968	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8970	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8974	external
https://bugzilla.suse.com/1265212	external
https://www.suse.com/security/cve/CVE-2026-8975	external
https://bugzilla.suse.com/1265212	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for MozillaThunderbird",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for MozillaThunderbird fixes the following issues\n\n- Updated to Mozilla Thunderbird 140.11 (bsc#1265212)\n\nMFSA 2026-44:\n\n- CVE-2026-8090: Use-after-free in the DOM: Networking component.\n- CVE-2026-8092: Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2.\n- CVE-2026-8094: Other issue in the WebRTC component.\n\nMFSA 2026-51:\n\n- CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component.\n- CVE-2026-8391: Other issue in the JavaScript Engine component.\n- CVE-2026-8401: Sandbox escape in the Profile Backup component.\n- CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component.\n- CVE-2026-8947: Use-after-free in the DOM: Bindings (WebIDL) component.\n- CVE-2026-8949: Integer overflow in the Widget: Win32 component.\n- CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component.\n- CVE-2026-8953: Sandbox escape due to use-after-free in the Disability Access APIs component.\n- CVE-2026-8954: Incorrect boundary conditions, integer overflow in the Audio/Video component.\n- CVE-2026-8955: Privilege escalation in the DOM: Workers component.\n- CVE-2026-8956: Integer overflow in the Networking: JAR component.\n- CVE-2026-8957: Privilege escalation in the Enterprise Policies component.\n- CVE-2026-8958: Information disclosure, sandbox escape in the Security: Process Sandboxing component.\n- CVE-2026-8959: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component.\n- CVE-2026-8961: Spoofing issue in the Form Autofill component.\n- CVE-2026-8962: Mitigation bypass in the DOM: Security component.\n- CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component.\n- CVE-2026-8970: Privilege escalation in the Security component.\n- CVE-2026-8974: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151.\n- CVE-2026-8975: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-2271,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2271,SUSE-SLE-Product-WE-15-SP7-2026-2271",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2271-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:2271-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262271-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:2271-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047111.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1265212",
        "url": "https://bugzilla.suse.com/1265212"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8090 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8090/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8092 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8092/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8094 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8094/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8388 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8391 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8391/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8401 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8401/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8946 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8946/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8947 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8947/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8949 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8949/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8950 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8950/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8953 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8953/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8954 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8954/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8955 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8955/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8956 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8956/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8957 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8957/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8958 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8958/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8959 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8959/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8961 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8961/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8962 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8968 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8968/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8970 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8974 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-8975 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-8975/"
      }
    ],
    "title": "Security update for MozillaThunderbird",
    "tracking": {
      "current_release_date": "2026-06-05T06:37:07Z",
      "generator": {
        "date": "2026-06-05T06:37:07Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:2271-1",
      "initial_release_date": "2026-06-05T06:37:07Z",
      "revision_history": [
        {
          "date": "2026-06-05T06:37:07Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
                  "product_id": "MozillaThunderbird-140.11.0-150200.8.274.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
                  "product_id": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
                  "product_id": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
                  "product_id": "MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
                  "product_id": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
                  "product_id": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
                  "product_id": "MozillaThunderbird-140.11.0-150200.8.274.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
                  "product_id": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
                  "product_id": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
                  "product_id": "MozillaThunderbird-140.11.0-150200.8.274.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
                  "product_id": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64",
                  "product_id": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.11.0-150200.8.274.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.11.0-150200.8.274.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x"
        },
        "product_reference": "MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.11.0-150200.8.274.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-8090",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8090"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8090",
          "url": "https://www.suse.com/security/cve/CVE-2026-8090"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264378 for CVE-2026-8090",
          "url": "https://bugzilla.suse.com/1264378"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8090"
    },
    {
      "cve": "CVE-2026-8092",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8092"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8092",
          "url": "https://www.suse.com/security/cve/CVE-2026-8092"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264378 for CVE-2026-8092",
          "url": "https://bugzilla.suse.com/1264378"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8092"
    },
    {
      "cve": "CVE-2026-8094",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8094"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8094",
          "url": "https://www.suse.com/security/cve/CVE-2026-8094"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264378 for CVE-2026-8094",
          "url": "https://bugzilla.suse.com/1264378"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8094"
    },
    {
      "cve": "CVE-2026-8388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8388",
          "url": "https://www.suse.com/security/cve/CVE-2026-8388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265432 for CVE-2026-8388",
          "url": "https://bugzilla.suse.com/1265432"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8388"
    },
    {
      "cve": "CVE-2026-8391",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8391"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8391",
          "url": "https://www.suse.com/security/cve/CVE-2026-8391"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265432 for CVE-2026-8391",
          "url": "https://bugzilla.suse.com/1265432"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8391"
    },
    {
      "cve": "CVE-2026-8401",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8401"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8401",
          "url": "https://www.suse.com/security/cve/CVE-2026-8401"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265432 for CVE-2026-8401",
          "url": "https://bugzilla.suse.com/1265432"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8401"
    },
    {
      "cve": "CVE-2026-8946",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8946"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8946",
          "url": "https://www.suse.com/security/cve/CVE-2026-8946"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8946",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8946"
    },
    {
      "cve": "CVE-2026-8947",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8947"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8947",
          "url": "https://www.suse.com/security/cve/CVE-2026-8947"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8947",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8947"
    },
    {
      "cve": "CVE-2026-8949",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8949"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8949",
          "url": "https://www.suse.com/security/cve/CVE-2026-8949"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8949",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8949"
    },
    {
      "cve": "CVE-2026-8950",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8950"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8950",
          "url": "https://www.suse.com/security/cve/CVE-2026-8950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8950",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8950"
    },
    {
      "cve": "CVE-2026-8953",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8953"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8953",
          "url": "https://www.suse.com/security/cve/CVE-2026-8953"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8953",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8953"
    },
    {
      "cve": "CVE-2026-8954",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8954"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8954",
          "url": "https://www.suse.com/security/cve/CVE-2026-8954"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8954",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8954"
    },
    {
      "cve": "CVE-2026-8955",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8955"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8955",
          "url": "https://www.suse.com/security/cve/CVE-2026-8955"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8955",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8955"
    },
    {
      "cve": "CVE-2026-8956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8956",
          "url": "https://www.suse.com/security/cve/CVE-2026-8956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8956",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8956"
    },
    {
      "cve": "CVE-2026-8957",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8957"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8957",
          "url": "https://www.suse.com/security/cve/CVE-2026-8957"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8957",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8957"
    },
    {
      "cve": "CVE-2026-8958",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8958"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8958",
          "url": "https://www.suse.com/security/cve/CVE-2026-8958"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8958",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8958"
    },
    {
      "cve": "CVE-2026-8959",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8959"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8959",
          "url": "https://www.suse.com/security/cve/CVE-2026-8959"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8959",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8959"
    },
    {
      "cve": "CVE-2026-8961",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8961"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8961",
          "url": "https://www.suse.com/security/cve/CVE-2026-8961"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8961",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8961"
    },
    {
      "cve": "CVE-2026-8962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8962",
          "url": "https://www.suse.com/security/cve/CVE-2026-8962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8962",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8962"
    },
    {
      "cve": "CVE-2026-8968",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8968"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8968",
          "url": "https://www.suse.com/security/cve/CVE-2026-8968"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8968",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8968"
    },
    {
      "cve": "CVE-2026-8970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8970",
          "url": "https://www.suse.com/security/cve/CVE-2026-8970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8970",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8970"
    },
    {
      "cve": "CVE-2026-8974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8974",
          "url": "https://www.suse.com/security/cve/CVE-2026-8974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8974",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8974"
    },
    {
      "cve": "CVE-2026-8975",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-8975"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-8975",
          "url": "https://www.suse.com/security/cve/CVE-2026-8975"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265212 for CVE-2026-8975",
          "url": "https://bugzilla.suse.com/1265212"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.11.0-150200.8.274.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.11.0-150200.8.274.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-05T06:37:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-8975"
    }
  ]
}

WID-SEC-W-2026-1503

Vulnerability from csaf_certbund - Published: 2026-05-12 22:00 - Updated: 2026-06-02 22:00

Summary

Mozilla Firefox: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Firefox ist ein Open Source Web Browser.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, darunter möglicherweise die Ausführung von Code, die Umgehung von Sicherheitsmaßnahmen, die Offenlegung oder Manipulation von Daten oder die Herbeiführung von Denial-of-Service-Zuständen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2026-8388

Affected products

Known affected 8 products

Product	Identifier	Version
Mozilla Firefox <150.0.3 Mozilla / Firefox		<150.0.3
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—

CVE-2026-8389

Affected products

Known affected 8 products

Product	Identifier	Version
Mozilla Firefox <150.0.3 Mozilla / Firefox		<150.0.3
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—

CVE-2026-8390

Affected products

Known affected 8 products

Product	Identifier	Version
Mozilla Firefox <150.0.3 Mozilla / Firefox		<150.0.3
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—

CVE-2026-8391

Affected products

Known affected 8 products

Product	Identifier	Version
Mozilla Firefox <150.0.3 Mozilla / Firefox		<150.0.3
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—

CVE-2026-8401

Affected products

Known affected 8 products

Product	Identifier	Version
Mozilla Firefox <150.0.3 Mozilla / Firefox		<150.0.3
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—

References

17 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.mozilla.org/en-US/security/advisories…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://lists.debian.org/debian-security-announce…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external
https://access.redhat.com/errata/RHSA-2026:21378	external
https://access.redhat.com/errata/RHSA-2026:21380	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2026:21382	external
https://errata.build.resf.org/RLSA-2026:21382	external
https://linux.oracle.com/errata/ELSA-2026-21382.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://errata.build.resf.org/RLSA-2026:21378	external
https://kb.igel.com/en/security-safety/current/is…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Firefox ist ein Open Source Web Browser.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, darunter m\u00f6glicherweise die Ausf\u00fchrung von Code, die Umgehung von Sicherheitsma\u00dfnahmen, die Offenlegung oder Manipulation von Daten oder die Herbeif\u00fchrung von Denial-of-Service-Zust\u00e4nden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1503 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1503.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1503 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1503"
      },
      {
        "category": "external",
        "summary": "Mozilla Security Advisory mfsa2026-45 vom 2026-05-12",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-45/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10813-1 vom 2026-05-20",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N4PBMNGPCFVXRJKTYWURGMAHKO2FKQDE/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4592 vom 2026-05-20",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00037.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6283 vom 2026-05-20",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00194.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2039-1 vom 2026-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026240.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:20789-1 vom 2026-05-25",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2XKHQFOHFVU7FRH6PM55T4P7D5OPT6NZ/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21378 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21378"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21380 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21380"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21828-1 vom 2026-05-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026321.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21382 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21382"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:21382 vom 2026-05-29",
        "url": "https://errata.build.resf.org/RLSA-2026:21382"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-21382 vom 2026-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2026-21382.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2109-1 vom 2026-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026378.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:21378 vom 2026-05-30",
        "url": "https://errata.build.resf.org/RLSA-2026:21378"
      },
      {
        "category": "external",
        "summary": "IGEL Security Notice ISN-2026-22 vom 2026-06-02",
        "url": "https://kb.igel.com/en/security-safety/current/isn-2026-22-firefox-esr-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Mozilla Firefox: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-02T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-03T06:02:32.380+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1503",
      "initial_release_date": "2026-05-12T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-05-12T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-05-20T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von openSUSE und Debian aufgenommen"
        },
        {
          "date": "2026-05-21T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-05-25T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2026-05-27T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat und SUSE aufgenommen"
        },
        {
          "date": "2026-05-28T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation und Oracle Linux aufgenommen"
        },
        {
          "date": "2026-05-31T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-06-02T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von IGEL aufgenommen"
        }
      ],
      "status": "final",
      "version": "8"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IGEL OS",
            "product": {
              "name": "IGEL OS",
              "product_id": "T017865",
              "product_identification_helper": {
                "cpe": "cpe:/o:igel:os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IGEL"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c150.0.3",
                "product": {
                  "name": "Mozilla Firefox \u003c150.0.3",
                  "product_id": "T053949"
                }
              },
              {
                "category": "product_version",
                "name": "150.0.3",
                "product": {
                  "name": "Mozilla Firefox 150.0.3",
                  "product_id": "T053949-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:firefox:150.0.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Firefox"
          }
        ],
        "category": "vendor",
        "name": "Mozilla"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-8388",
      "product_status": {
        "known_affected": [
          "T053949",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-8388"
    },
    {
      "cve": "CVE-2026-8389",
      "product_status": {
        "known_affected": [
          "T053949",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-8389"
    },
    {
      "cve": "CVE-2026-8390",
      "product_status": {
        "known_affected": [
          "T053949",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-8390"
    },
    {
      "cve": "CVE-2026-8391",
      "product_status": {
        "known_affected": [
          "T053949",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-8391"
    },
    {
      "cve": "CVE-2026-8401",
      "product_status": {
        "known_affected": [
          "T053949",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2026-05-12T22:00:00.000+00:00",
      "title": "CVE-2026-8401"
    }
  ]
}

WID-SEC-W-2026-1606

Vulnerability from csaf_certbund - Published: 2026-05-19 22:00 - Updated: 2026-06-02 22:00

Summary

Mozilla Firefox und Thunderbird: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Firefox ist ein Open Source Web Browser. ESR ist die Variante mit verlängertem Support. Thunderbird ist ein Open Source E-Mail Client.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuführen, um Informationen offenzulegen, Sicherheitsbeschränkungen zu umgehen (z. B. Sandbox-Escape), den Benutzer zu täuschen, Berechtigungen zu eskalieren oder einen Denial-of-Service-Zustand herbeizuführen.

Betroffene Betriebssysteme: - Android - iPhoneOS - Linux - MacOS X - Windows

CVE-2026-8388

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8391

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8401

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8706

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8945

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8946

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8947

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8948

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8949

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8950

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8951

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8952

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8953

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8954

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8955

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8956

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8957

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8958

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8959

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8960

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8961

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8962

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8963

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8964

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8965

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8966

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8967

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8968

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8969

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8970

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8971

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8972

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8973

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8974

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

CVE-2026-8975

Affected products

Known affected 12 products

Product	Identifier	Version
Mozilla Thunderbird <151 Mozilla / Thunderbird		<151
Mozilla Firefox ESR <140.11 Mozilla / Firefox ESR		<140.11
Mozilla Firefox ESR <115.36 Mozilla / Firefox ESR		<115.36
Mozilla Firefox <151 Mozilla / Firefox		<151
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Mozilla Thunderbird <140.11 Mozilla / Thunderbird		<140.11

References

30 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.mozilla.org/en-US/security/advisories…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://lists.debian.org/debian-security-announce…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.debian.org/debian-security-announce…	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://lists.opensuse.org/archives/list/security…	external
https://access.redhat.com/errata/RHSA-2026:21382	external
https://access.redhat.com/errata/RHSA-2026:21380	external
https://access.redhat.com/errata/RHSA-2026:21378	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2026:21381	external
https://lists.opensuse.org/archives/list/security…	external
https://linux.oracle.com/errata/ELSA-2026-21382.html	external
https://lists.opensuse.org/archives/list/security…	external
https://errata.build.resf.org/RLSA-2026:21382	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://errata.build.resf.org/RLSA-2026:21381	external
https://errata.build.resf.org/RLSA-2026:21378	external
https://access.redhat.com/errata/RHSA-2026:22325	external
https://access.redhat.com/errata/RHSA-2026:22643	external
https://kb.igel.com/en/security-safety/current/is…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Firefox ist ein Open Source Web Browser. \r\nESR ist die Variante mit verl\u00e4ngertem Support.\r\nThunderbird ist ein Open Source E-Mail Client.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen, Sicherheitsbeschr\u00e4nkungen zu umgehen (z. B. Sandbox-Escape), den Benutzer zu t\u00e4uschen, Berechtigungen zu eskalieren oder einen Denial-of-Service-Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Android\n- iPhoneOS\n- Linux\n- MacOS X\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1606 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1606.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1606 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1606"
      },
      {
        "category": "external",
        "summary": "Mozilla Security Advisory mfsa2026-46 vom 2026-05-19",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/"
      },
      {
        "category": "external",
        "summary": "Mozilla Security Advisory mfsa2026-47 vom 2026-05-19",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47/"
      },
      {
        "category": "external",
        "summary": "Mozilla Security Advisory mfsa2026-48 vom 2026-05-19",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/"
      },
      {
        "category": "external",
        "summary": "Mozilla Security Advisory mfsa2026-49 vom 2026-05-19",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-49/"
      },
      {
        "category": "external",
        "summary": "Mozilla Security Advisory mfsa2026-50 vom 2026-05-19",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50/"
      },
      {
        "category": "external",
        "summary": "Mozilla Security Advisory mfsa2026-51 vom 2026-05-19",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10813-1 vom 2026-05-20",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N4PBMNGPCFVXRJKTYWURGMAHKO2FKQDE/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4592 vom 2026-05-20",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00037.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6283 vom 2026-05-20",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00194.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2039-1 vom 2026-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026240.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6288 vom 2026-05-21",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00199.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4594 vom 2026-05-22",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00039.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:20789-1 vom 2026-05-25",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2XKHQFOHFVU7FRH6PM55T4P7D5OPT6NZ/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21382 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21382"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21380 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21380"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21378 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21378"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21828-1 vom 2026-05-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026321.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21381 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21381"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10863-1 vom 2026-05-28",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K5XOKX5RBFOVIL522NO3N6BOVHY4P2Q7/"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-21382 vom 2026-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2026-21382.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10864-1 vom 2026-05-28",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UBJIBUOS3WETGSITABGASMM7ABVFBZ2V/"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:21382 vom 2026-05-29",
        "url": "https://errata.build.resf.org/RLSA-2026:21382"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2109-1 vom 2026-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026378.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:21381 vom 2026-05-30",
        "url": "https://errata.build.resf.org/RLSA-2026:21381"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:21378 vom 2026-05-30",
        "url": "https://errata.build.resf.org/RLSA-2026:21378"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22325 vom 2026-06-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:22325"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:22643 vom 2026-06-02",
        "url": "https://access.redhat.com/errata/RHSA-2026:22643"
      },
      {
        "category": "external",
        "summary": "IGEL Security Notice ISN-2026-22 vom 2026-06-02",
        "url": "https://kb.igel.com/en/security-safety/current/isn-2026-22-firefox-esr-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Mozilla Firefox und Thunderbird: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-02T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-03T06:02:26.309+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1606",
      "initial_release_date": "2026-05-19T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-05-19T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-05-20T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von openSUSE und Debian aufgenommen"
        },
        {
          "date": "2026-05-21T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE und Debian aufgenommen"
        },
        {
          "date": "2026-05-25T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Debian und openSUSE aufgenommen"
        },
        {
          "date": "2026-05-27T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat und SUSE aufgenommen"
        },
        {
          "date": "2026-05-28T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von openSUSE, Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-05-31T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-06-01T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-06-02T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat und IGEL aufgenommen"
        }
      ],
      "status": "final",
      "version": "9"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IGEL OS",
            "product": {
              "name": "IGEL OS",
              "product_id": "T017865",
              "product_identification_helper": {
                "cpe": "cpe:/o:igel:os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IGEL"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c151",
                "product": {
                  "name": "Mozilla Firefox \u003c151",
                  "product_id": "T054362"
                }
              },
              {
                "category": "product_version",
                "name": "151",
                "product": {
                  "name": "Mozilla Firefox 151",
                  "product_id": "T054362-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:firefox:151"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Firefox"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c115.36",
                "product": {
                  "name": "Mozilla Firefox ESR \u003c115.36",
                  "product_id": "T054363"
                }
              },
              {
                "category": "product_version",
                "name": "115.36",
                "product": {
                  "name": "Mozilla Firefox ESR 115.36",
                  "product_id": "T054363-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:firefox_esr:115.36"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c140.11",
                "product": {
                  "name": "Mozilla Firefox ESR \u003c140.11",
                  "product_id": "T054364"
                }
              },
              {
                "category": "product_version",
                "name": "140.11",
                "product": {
                  "name": "Mozilla Firefox ESR 140.11",
                  "product_id": "T054364-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:firefox_esr:140.11"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Firefox ESR"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c151",
                "product": {
                  "name": "Mozilla Thunderbird \u003c151",
                  "product_id": "T054365"
                }
              },
              {
                "category": "product_version",
                "name": "151",
                "product": {
                  "name": "Mozilla Thunderbird 151",
                  "product_id": "T054365-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:thunderbird:151"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c140.11",
                "product": {
                  "name": "Mozilla Thunderbird \u003c140.11",
                  "product_id": "T054366"
                }
              },
              {
                "category": "product_version",
                "name": "140.11",
                "product": {
                  "name": "Mozilla Thunderbird 140.11",
                  "product_id": "T054366-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mozilla:thunderbird:140.11"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Thunderbird"
          }
        ],
        "category": "vendor",
        "name": "Mozilla"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-8388",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8388"
    },
    {
      "cve": "CVE-2026-8391",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8391"
    },
    {
      "cve": "CVE-2026-8401",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8401"
    },
    {
      "cve": "CVE-2026-8706",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8706"
    },
    {
      "cve": "CVE-2026-8945",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8945"
    },
    {
      "cve": "CVE-2026-8946",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8946"
    },
    {
      "cve": "CVE-2026-8947",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8947"
    },
    {
      "cve": "CVE-2026-8948",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8948"
    },
    {
      "cve": "CVE-2026-8949",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8949"
    },
    {
      "cve": "CVE-2026-8950",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8950"
    },
    {
      "cve": "CVE-2026-8951",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8951"
    },
    {
      "cve": "CVE-2026-8952",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8952"
    },
    {
      "cve": "CVE-2026-8953",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8953"
    },
    {
      "cve": "CVE-2026-8954",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8954"
    },
    {
      "cve": "CVE-2026-8955",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8955"
    },
    {
      "cve": "CVE-2026-8956",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8956"
    },
    {
      "cve": "CVE-2026-8957",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8957"
    },
    {
      "cve": "CVE-2026-8958",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8958"
    },
    {
      "cve": "CVE-2026-8959",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8959"
    },
    {
      "cve": "CVE-2026-8960",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8960"
    },
    {
      "cve": "CVE-2026-8961",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8961"
    },
    {
      "cve": "CVE-2026-8962",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8962"
    },
    {
      "cve": "CVE-2026-8963",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8963"
    },
    {
      "cve": "CVE-2026-8964",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8964"
    },
    {
      "cve": "CVE-2026-8965",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8965"
    },
    {
      "cve": "CVE-2026-8966",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8966"
    },
    {
      "cve": "CVE-2026-8967",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8967"
    },
    {
      "cve": "CVE-2026-8968",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8968"
    },
    {
      "cve": "CVE-2026-8969",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8969"
    },
    {
      "cve": "CVE-2026-8970",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8970"
    },
    {
      "cve": "CVE-2026-8971",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8971"
    },
    {
      "cve": "CVE-2026-8972",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8972"
    },
    {
      "cve": "CVE-2026-8973",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8973"
    },
    {
      "cve": "CVE-2026-8974",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8974"
    },
    {
      "cve": "CVE-2026-8975",
      "product_status": {
        "known_affected": [
          "T054365",
          "T054364",
          "T054363",
          "T054362",
          "2951",
          "T002207",
          "67646",
          "T017865",
          "T027843",
          "T004914",
          "T032255",
          "T054366"
        ]
      },
      "release_date": "2026-05-19T22:00:00.000+00:00",
      "title": "CVE-2026-8975"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-8388 (GCVE-0-2026-8388)

SUSE-SU-2026:2271-1

WID-SEC-W-2026-1503

WID-SEC-W-2026-1606

Tags

Sightings

Nomenclature