Vulnerability-Lookup

SUSE-SU-2026:1379-1

Vulnerability from csaf_suse - Published: 2026-04-16 08:42 - Updated: 2026-04-16 08:42

Summary

Security update for MozillaThunderbird

Severity

Important

Notes

Title of the patch: Security update for MozillaThunderbird

Description of the patch: This update for MozillaThunderbird fixes the following issues: - Update to 149.0.2 and 140.9.1esr (bsc#1261663). - CVE-2026-5731: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2. - CVE-2026-5732: Incorrect boundary conditions, integer overflow in the Graphics: Text component. - CVE-2026-5734: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2.

Patchnames: SUSE-2026-1379,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1379,SUSE-SLE-Product-WE-15-SP7-2026-1379

CVE-2026-5731

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-5732

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-5734

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

URL

Category

	https://www.suse.com/support/security/rating/	external
	https://ftp.suse.com/pub/projects/security/csaf/s…	self
	https://www.suse.com/support/update/announcement/…	self
	https://lists.suse.com/pipermail/sle-updates/2026…	self
	https://bugzilla.suse.com/1261663	self
	https://www.suse.com/security/cve/CVE-2026-5731/	self
	https://www.suse.com/security/cve/CVE-2026-5732/	self
	https://www.suse.com/security/cve/CVE-2026-5734/	self
	https://www.suse.com/security/cve/CVE-2026-5731	external
	https://bugzilla.suse.com/1261663	external
	https://www.suse.com/security/cve/CVE-2026-5732	external
	https://bugzilla.suse.com/1261663	external
	https://www.suse.com/security/cve/CVE-2026-5734	external
	https://bugzilla.suse.com/1261663	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for MozillaThunderbird",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for MozillaThunderbird fixes the following issues:\n\n- Update to 149.0.2 and 140.9.1esr (bsc#1261663).\n- CVE-2026-5731: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2.\n- CVE-2026-5732: Incorrect boundary conditions, integer overflow in the Graphics: Text component.\n- CVE-2026-5734: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-1379,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1379,SUSE-SLE-Product-WE-15-SP7-2026-1379",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1379-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:1379-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261379-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:1379-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045622.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1261663",
        "url": "https://bugzilla.suse.com/1261663"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-5731 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-5731/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-5732 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-5732/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-5734 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-5734/"
      }
    ],
    "title": "Security update for MozillaThunderbird",
    "tracking": {
      "current_release_date": "2026-04-16T08:42:00Z",
      "generator": {
        "date": "2026-04-16T08:42:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:1379-1",
      "initial_release_date": "2026-04-16T08:42:00Z",
      "revision_history": [
        {
          "date": "2026-04-16T08:42:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
                  "product_id": "MozillaThunderbird-140.9.1-150200.8.266.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
                  "product_id": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
                  "product_id": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
                  "product_id": "MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
                  "product_id": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
                  "product_id": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
                  "product_id": "MozillaThunderbird-140.9.1-150200.8.266.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
                  "product_id": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
                  "product_id": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
                  "product_id": "MozillaThunderbird-140.9.1-150200.8.266.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
                  "product_id": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64",
                "product": {
                  "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64",
                  "product_id": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.9.1-150200.8.266.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.9.1-150200.8.266.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x"
        },
        "product_reference": "MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-140.9.1-150200.8.266.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
        },
        "product_reference": "MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-5731",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-5731"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-5731",
          "url": "https://www.suse.com/security/cve/CVE-2026-5731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261663 for CVE-2026-5731",
          "url": "https://bugzilla.suse.com/1261663"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-16T08:42:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-5731"
    },
    {
      "cve": "CVE-2026-5732",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-5732"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-5732",
          "url": "https://www.suse.com/security/cve/CVE-2026-5732"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261663 for CVE-2026-5732",
          "url": "https://bugzilla.suse.com/1261663"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-16T08:42:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-5732"
    },
    {
      "cve": "CVE-2026-5734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-5734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-5734",
          "url": "https://www.suse.com/security/cve/CVE-2026-5734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261663 for CVE-2026-5734",
          "url": "https://bugzilla.suse.com/1261663"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.9.1-150200.8.266.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.9.1-150200.8.266.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-16T08:42:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-5734"
    }
  ]
}

CVE-2026-5731 (GCVE-0-2026-5731)

Vulnerability from cvelistv5 – Published: 2026-04-07 12:43 – Updated: 2026-04-13 13:51

Title

Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

Summary

Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

mozilla

References

URL

Tags

	https://bugzilla.mozilla.org/buglist.cgi?bug_id=2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

Vendor

Product

Version

Mozilla

Firefox

Unaffected: 115.34.1 , ≤ 115.* (rpm)
Unaffected: 140.9.1 , ≤ 140.* (rpm)
Unaffected: 149.0.2 , ≤ * (rpm)

Mozilla

Thunderbird

Unaffected: 140.9.1 , ≤ 140.* (rpm)
Unaffected: 149.0.2 , ≤ * (rpm)

Credits

Brian Grinstead, Christian Holler, Tom Schuster and the Mozilla Fuzzing Team

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-5731",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-119",
                "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-08T03:55:32.832Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "115.*",
              "status": "unaffected",
              "version": "115.34.1",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.9.1",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "149.0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.9.1",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "149.0.2",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Brian Grinstead, Christian Holler, Tom Schuster and the Mozilla Fuzzing Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1."
            }
          ],
          "value": "Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-13T13:51:32.565Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "name": "Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2",
          "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2021894%2C2022225%2C2022252%2C2022294%2C2023007%2C2023130%2C2023191%2C2023364%2C2023829%2C2024074%2C2024417%2C2024433%2C2024436%2C2024437%2C2024453%2C2024461%2C2024462%2C2024472%2C2024474%2C2024477%2C2025364%2C2025401%2C2025402%2C2025472%2C2026287%2C2026299%2C2026305%2C2026426"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-25/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-26/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-27/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-28/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-29/"
        }
      ],
      "title": "Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2026-5731",
    "datePublished": "2026-04-07T12:43:11.895Z",
    "dateReserved": "2026-04-07T12:43:11.413Z",
    "dateUpdated": "2026-04-13T13:51:32.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-5732 (GCVE-0-2026-5732)

Vulnerability from cvelistv5 – Published: 2026-04-07 12:43 – Updated: 2026-04-13 13:51

Title

Incorrect boundary conditions, integer overflow in the Graphics: Text component

Summary

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

mozilla

References

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=2017867
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

Vendor

Product

Version

Mozilla

Firefox

Unaffected: 140.9.1 , ≤ 140.* (rpm)
Unaffected: 149.0.2 , ≤ * (rpm)

Mozilla

Thunderbird

Unaffected: 140.9.1 , ≤ 140.* (rpm)
Unaffected: 149.0.2 , ≤ * (rpm)

Credits

Sajeeb Lohani

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-5732",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T14:28:39.207668Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T14:29:05.339Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.9.1",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "149.0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.9.1",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "149.0.2",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Sajeeb Lohani"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1."
            }
          ],
          "value": "Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-13T13:51:28.140Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017867"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-25/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-27/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-28/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-29/"
        }
      ],
      "title": "Incorrect boundary conditions, integer overflow in the Graphics: Text component"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2026-5732",
    "datePublished": "2026-04-07T12:43:12.829Z",
    "dateReserved": "2026-04-07T12:43:12.349Z",
    "dateUpdated": "2026-04-13T13:51:28.140Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-5734 (GCVE-0-2026-5734)

Vulnerability from cvelistv5 – Published: 2026-04-07 12:43 – Updated: 2026-04-13 13:51

Title

Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

Summary

Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

mozilla

References

URL

Tags

	https://bugzilla.mozilla.org/buglist.cgi?bug_id=2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

Vendor

Product

Version

Mozilla

Firefox

Unaffected: 140.9.1 , ≤ 140.* (rpm)
Unaffected: 149.0.2 , ≤ * (rpm)

Mozilla

Thunderbird

Unaffected: 140.9.1 , ≤ 140.* (rpm)
Unaffected: 149.0.2 , ≤ * (rpm)

Credits

Brian Grinstead, Christian Holler, Tom Schuster and the Mozilla Fuzzing Team

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-5734",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-08T03:55:30.963374Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-13T13:20:27.463Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.9.1",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "149.0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThanOrEqual": "140.*",
              "status": "unaffected",
              "version": "140.9.1",
              "versionType": "rpm"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "149.0.2",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Brian Grinstead, Christian Holler, Tom Schuster and the Mozilla Fuzzing Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1."
            }
          ],
          "value": "Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-13T13:51:34.677Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "name": "Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2",
          "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-25/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-27/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-28/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2026-29/"
        }
      ],
      "title": "Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2026-5734",
    "datePublished": "2026-04-07T12:43:14.833Z",
    "dateReserved": "2026-04-07T12:43:14.328Z",
    "dateUpdated": "2026-04-13T13:51:34.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2026:1379-1

CVE-2026-5731 (GCVE-0-2026-5731)

CVE-2026-5732 (GCVE-0-2026-5732)

CVE-2026-5734 (GCVE-0-2026-5734)

Tags

Sightings

Nomenclature